Minor fixes stopping invalid sessions (#1850)
* Update UserAuthenticationFilter.java * Update RequestUriUtils.java * Update RequestUriUtils.java * Update RequestUriUtilsTest.java
This commit is contained in:
parent
6f52189ed2
commit
db563c765d
3 changed files with 6 additions and 12 deletions
|
@ -159,7 +159,7 @@ public class UserAuthenticationFilter extends OncePerRequestFilter {
|
||||||
};
|
};
|
||||||
|
|
||||||
for (String pattern : permitAllPatterns) {
|
for (String pattern : permitAllPatterns) {
|
||||||
if (uri.startsWith(pattern) || uri.endsWith(".svg")) {
|
if (uri.startsWith(pattern) || uri.endsWith(".svg") || uri.endsWith(".png") || uri.endsWith(".ico")) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -4,16 +4,7 @@ public class RequestUriUtils {
|
||||||
|
|
||||||
public static boolean isStaticResource(String requestURI) {
|
public static boolean isStaticResource(String requestURI) {
|
||||||
|
|
||||||
return requestURI.startsWith("/css/")
|
return isStaticResource("", requestURI);
|
||||||
|| requestURI.startsWith("/fonts/")
|
|
||||||
|| requestURI.startsWith("/js/")
|
|
||||||
|| requestURI.startsWith("/images/")
|
|
||||||
|| requestURI.startsWith("/public/")
|
|
||||||
|| requestURI.startsWith("/pdfjs/")
|
|
||||||
|| requestURI.startsWith("/pdfjs-legacy/")
|
|
||||||
|| requestURI.endsWith(".svg")
|
|
||||||
|| requestURI.endsWith(".webmanifest")
|
|
||||||
|| requestURI.startsWith("/api/v1/info/status");
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public static boolean isStaticResource(String contextPath, String requestURI) {
|
public static boolean isStaticResource(String contextPath, String requestURI) {
|
||||||
|
@ -24,7 +15,10 @@ public class RequestUriUtils {
|
||||||
|| requestURI.startsWith(contextPath + "/images/")
|
|| requestURI.startsWith(contextPath + "/images/")
|
||||||
|| requestURI.startsWith(contextPath + "/public/")
|
|| requestURI.startsWith(contextPath + "/public/")
|
||||||
|| requestURI.startsWith(contextPath + "/pdfjs/")
|
|| requestURI.startsWith(contextPath + "/pdfjs/")
|
||||||
|
|| requestURI.startsWith(contextPath + "/login")
|
||||||
|| requestURI.endsWith(".svg")
|
|| requestURI.endsWith(".svg")
|
||||||
|
|| requestURI.endsWith(".png")
|
||||||
|
|| requestURI.endsWith(".ico")
|
||||||
|| requestURI.endsWith(".webmanifest")
|
|| requestURI.endsWith(".webmanifest")
|
||||||
|| requestURI.startsWith(contextPath + "/api/v1/info/status");
|
|| requestURI.startsWith(contextPath + "/api/v1/info/status");
|
||||||
}
|
}
|
||||||
|
|
|
@ -19,7 +19,7 @@ public class RequestUriUtilsTest {
|
||||||
assertFalse(RequestUriUtils.isStaticResource("/api/v1/users"));
|
assertFalse(RequestUriUtils.isStaticResource("/api/v1/users"));
|
||||||
assertFalse(RequestUriUtils.isStaticResource("/api/v1/orders"));
|
assertFalse(RequestUriUtils.isStaticResource("/api/v1/orders"));
|
||||||
assertFalse(RequestUriUtils.isStaticResource("/"));
|
assertFalse(RequestUriUtils.isStaticResource("/"));
|
||||||
assertFalse(RequestUriUtils.isStaticResource("/login"));
|
assertTrue(RequestUriUtils.isStaticResource("/login"));
|
||||||
assertFalse(RequestUriUtils.isStaticResource("/register"));
|
assertFalse(RequestUriUtils.isStaticResource("/register"));
|
||||||
assertFalse(RequestUriUtils.isStaticResource("/api/v1/products"));
|
assertFalse(RequestUriUtils.isStaticResource("/api/v1/products"));
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue