Issue #4577 IpAccessHandler NPE

Match on full URI path rather than target. Signed-off-by: Greg Wilkins <[email protected]>
jetty · Feb 24, 2020 · 5480da4 · 5480da4
1 parent d95f2fb
commit 5480da4
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 2 deletions.
diff --git a/jetty-server/src/main/java/org/eclipse/jetty/server/handler/IPAccessHandler.java b/jetty-server/src/main/java/org/eclipse/jetty/server/handler/IPAccessHandler.java
@@ -202,7 +202,7 @@ public void handle(String target, Request baseRequest, HttpServletRequest reques
             if (endp != null)
             {
                 InetSocketAddress address = endp.getRemoteAddress();
-                if (address != null && !isAddrUriAllowed(address.getHostString(), target))
+                if (address != null && !isAddrUriAllowed(address.getHostString(), baseRequest.getMetaData().getURI().getDecodedPath()))
                 {
                     response.sendError(HttpStatus.FORBIDDEN_403);
                     baseRequest.setHandled(true);
@@ -284,7 +284,7 @@ protected void set(String[] entries, PathMap<IPAddressMap<Boolean>> patternMap)
      * Check if specified request is allowed by current IPAccess rules.
      *
      * @param addr internet address
-     * @param path context path
+     * @param path request URI path
      * @return true if request is allowed
      */
     protected boolean isAddrUriAllowed(String addr, String path)

diff --git a/jetty-server/src/test/java/org/eclipse/jetty/server/handler/IPAccessHandlerTest.java b/jetty-server/src/test/java/org/eclipse/jetty/server/handler/IPAccessHandlerTest.java
@@ -43,6 +43,7 @@
 import org.eclipse.jetty.server.Server;
 import org.eclipse.jetty.server.ServerConnector;
 import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.Assumptions;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.params.ParameterizedTest;
 import org.junit.jupiter.params.provider.Arguments;
@@ -141,6 +142,11 @@ public void testContext(String white, String black, String host, String uri, Str
         _server.setHandler(context);
         _server.start();
 
+        white = white.replaceAll("\\|/", "|/ctx/");
+        black = black.replaceAll("\\|/", "|/ctx/");
+
+        Assumptions.assumeFalse(white.endsWith("|"));
+        Assumptions.assumeFalse(black.endsWith("|"));
         _handler.setWhite(white.split(";", -1));
         _handler.setBlack(black.split(";", -1));
         _handler.setWhiteListByPath(byPath);