Lines 21-27
Link Here
|
21 |
import java.io.ByteArrayOutputStream; |
21 |
import java.io.ByteArrayOutputStream; |
22 |
import java.io.IOException; |
22 |
import java.io.IOException; |
23 |
import java.io.InputStream; |
23 |
import java.io.InputStream; |
|
|
24 |
import java.net.URI; |
24 |
import java.net.URL; |
25 |
import java.net.URL; |
|
|
26 |
import java.net.URLDecoder; |
25 |
import java.util.HashMap; |
27 |
import java.util.HashMap; |
26 |
import java.util.Map; |
28 |
import java.util.Map; |
27 |
import java.util.StringTokenizer; |
29 |
import java.util.StringTokenizer; |
Lines 167-175
Link Here
|
167 |
if (url.startsWith("/")) { |
169 |
if (url.startsWith("/")) { |
168 |
url = HTTPS + "://" + paramHttps + url; // $NON-NLS-1$ |
170 |
url = HTTPS + "://" + paramHttps + url; // $NON-NLS-1$ |
169 |
} |
171 |
} |
|
|
172 |
try { |
173 |
URI testCleanUri = new URI(url); |
174 |
} catch (Exception e) { |
175 |
log.info("Url contains unsafe characters"); |
176 |
try { |
177 |
url = escapeIllegalURLCharacters(url); |
178 |
} catch (Exception e1) { |
179 |
log.error("Error sanitzing URL:"+url); |
180 |
} |
181 |
} |
170 |
log.debug("First Line: " + url); |
182 |
log.debug("First Line: " + url); |
171 |
} |
183 |
} |
172 |
|
184 |
|
|
|
185 |
/** |
186 |
* @param url |
187 |
* @return |
188 |
* @throws Exception |
189 |
*/ |
190 |
public static String escapeIllegalURLCharacters(String url) throws Exception{ |
191 |
String decodeUrl = URLDecoder.decode(url,"UTF-8"); |
192 |
URL urlString = new URL(decodeUrl); |
193 |
URI uri = new URI(urlString.getProtocol(), urlString.getUserInfo(), urlString.getHost(), urlString.getPort(), urlString.getPath(), urlString.getQuery(), urlString.getRef()); |
194 |
return uri.toString(); |
195 |
} |
196 |
|
173 |
/* |
197 |
/* |
174 |
* Split line into name/value pairs and store in headers if relevant |
198 |
* Split line into name/value pairs and store in headers if relevant |
175 |
* If name = "content-length", then return value as int, else return 0 |
199 |
* If name = "content-length", then return value as int, else return 0 |