zhuyijun/nacos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[ISSUE #10734] Optimize the param check implementation logic (#10955)

Browse Source 
* For #10734,优化实现逻辑,提高扩展性,为动态变更限流规则预留接口

* For #10734,优化实现逻辑,提高扩展性,为动态变更参数校验规则预留接口
This commit is contained in:
Sunrisea 2023-08-14 14:55:49 +08:00 committed by GitHub
parent 003f192aa8
commit d756cdc6de
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 439 additions and 190 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
common/src/main/java/com/alibaba/nacos/common/paramcheck/AbstractParamChecker.java
View File

@ -25,6 +25,12 @@ import java.util.List;
*/
public abstract class AbstractParamChecker {
protected ParamCheckRule paramCheckRule;
public AbstractParamChecker() {
initParamCheckRule();
}
/**
* Gets checker type.
*
@ -33,9 +39,15 @@ public abstract class AbstractParamChecker {
public abstract String getCheckerType();
/**
* Check param info list.
* Check param info list param check response.
*
* @param paramInfos the param infos
* @return the param check response
*/
public abstract void checkParamInfoList(List<ParamInfo> paramInfos);
public abstract ParamCheckResponse checkParamInfoList(List<ParamInfo> paramInfos);
/**
* Init param check rule.
*/
public abstract void initParamCheckRule();
}

334
common/src/main/java/com/alibaba/nacos/common/paramcheck/DefaultParamChecker.java
View File

@ -29,19 +29,19 @@ import java.util.regex.Pattern;
*/
public class DefaultParamChecker extends AbstractParamChecker {
private static final Pattern NAMESPACE_SHOW_NAME_PATTERN = Pattern.compile(ParamCheckRules.NAMESPACE_SHOW_NAME_PATTERN_STRING);
private Pattern namespaceShowNamePattern;
private static final Pattern NAMESPACE_ID_PATTERN = Pattern.compile(ParamCheckRules.NAMESPACE_ID_PATTERN_STRING);
private Pattern namespaceIdPattern;
private static final Pattern DATA_ID_PATTERN = Pattern.compile(ParamCheckRules.DATA_ID_PATTERN_STRING);
private Pattern dataIdPattern;
private static final Pattern SERVICE_NAME_PATTERN = Pattern.compile(ParamCheckRules.SERVICE_NAME_PATTERN_STRING);
private Pattern serviceNamePattern;
private static final Pattern GROUP_PATTERN = Pattern.compile(ParamCheckRules.GROUP_PATTERN_STRING);
private Pattern groupPattern;
private static final Pattern CLUSTER_PATTERN = Pattern.compile(ParamCheckRules.CLUSTER_PATTERN_STRING);
private Pattern clusterPattern;
private static final Pattern IP_PATTERN = Pattern.compile(ParamCheckRules.IP_PATTERN_STRING);
private Pattern ipPattern;
private static final String CHECKER_TYPE = "default";
@ -51,224 +51,349 @@ public class DefaultParamChecker extends AbstractParamChecker {
}
@Override
public void checkParamInfoList(List<ParamInfo> paramInfos) {
public ParamCheckResponse checkParamInfoList(List<ParamInfo> paramInfos) {
ParamCheckResponse paramCheckResponse = new ParamCheckResponse();
if (paramInfos == null) {
return;
paramCheckResponse.setSuccess(true);
return paramCheckResponse;
}
for (ParamInfo paramInfo : paramInfos) {
checkParamInfoFormat(paramInfo);
paramCheckResponse = checkParamInfoFormat(paramInfo);
if (!paramCheckResponse.isSuccess()) {
return paramCheckResponse;
}
}
paramCheckResponse.setSuccess(true);
return paramCheckResponse;
}
@Override
public void initParamCheckRule() {
this.paramCheckRule = new ParamCheckRule();
initFormatPattern();
}
private void initFormatPattern() {
this.namespaceShowNamePattern = Pattern.compile(this.paramCheckRule.namespaceShowNamePatternString);
this.namespaceIdPattern = Pattern.compile(this.paramCheckRule.namespaceIdPatternString);
this.dataIdPattern = Pattern.compile(this.paramCheckRule.dataIdPatternString);
this.serviceNamePattern = Pattern.compile(this.paramCheckRule.serviceNamePatternString);
this.groupPattern = Pattern.compile(this.paramCheckRule.groupPatternString);
this.clusterPattern = Pattern.compile(this.paramCheckRule.clusterPatternString);
this.ipPattern = Pattern.compile(this.paramCheckRule.ipPatternString);
}
/**
* Check param info format.
*
* @param paramInfo the param info
* @return the param check response
*/
public void checkParamInfoFormat(ParamInfo paramInfo) {
public ParamCheckResponse checkParamInfoFormat(ParamInfo paramInfo) {
ParamCheckResponse paramCheckResponse = new ParamCheckResponse();
if (paramInfo == null) {
return;
paramCheckResponse.setSuccess(true);
return paramCheckResponse;
}
checkNamespaceShowNameFormat(paramInfo.getNamespaceShowName());
checkNamespaceIdFormat(paramInfo.getNamespaceId());
checkDataIdFormat(paramInfo.getDataId());
checkServiceNameFormat(paramInfo.getServiceName());
checkGroupFormat(paramInfo.getGroup());
checkClusterFormat(paramInfo.getClusters());
checkSingleClusterFormat(paramInfo.getCluster());
checkIpFormat(paramInfo.getIp());
checkPortFormat(paramInfo.getPort());
checkMetadataFormat(paramInfo.getMetadata());
paramCheckResponse = checkNamespaceShowNameFormat(paramInfo.getNamespaceShowName());
if (!paramCheckResponse.isSuccess()) {
return paramCheckResponse;
}
paramCheckResponse = checkNamespaceIdFormat(paramInfo.getNamespaceId());
if (!paramCheckResponse.isSuccess()) {
return paramCheckResponse;
}
paramCheckResponse = checkDataIdFormat(paramInfo.getDataId());
if (!paramCheckResponse.isSuccess()) {
return paramCheckResponse;
}
paramCheckResponse = checkServiceNameFormat(paramInfo.getServiceName());
if (!paramCheckResponse.isSuccess()) {
return paramCheckResponse;
}
paramCheckResponse = checkGroupFormat(paramInfo.getGroup());
if (!paramCheckResponse.isSuccess()) {
return paramCheckResponse;
}
paramCheckResponse = checkClusterFormat(paramInfo.getClusters());
if (!paramCheckResponse.isSuccess()) {
return paramCheckResponse;
}
paramCheckResponse = checkSingleClusterFormat(paramInfo.getCluster());
if (!paramCheckResponse.isSuccess()) {
return paramCheckResponse;
}
paramCheckResponse = checkIpFormat(paramInfo.getIp());
if (!paramCheckResponse.isSuccess()) {
return paramCheckResponse;
}
paramCheckResponse = checkPortFormat(paramInfo.getPort());
if (!paramCheckResponse.isSuccess()) {
return paramCheckResponse;
}
paramCheckResponse = checkMetadataFormat(paramInfo.getMetadata());
if (!paramCheckResponse.isSuccess()) {
return paramCheckResponse;
}
paramCheckResponse.setSuccess(true);
return paramCheckResponse;
}
/**
* Check namespace show name format.
*
* @param namespaceShowName the namespace show name
* @return the param check response
*/
public void checkNamespaceShowNameFormat(String namespaceShowName) {
public ParamCheckResponse checkNamespaceShowNameFormat(String namespaceShowName) {
ParamCheckResponse paramCheckResponse = new ParamCheckResponse();
if (StringUtils.isBlank(namespaceShowName)) {
return;
paramCheckResponse.setSuccess(true);
return paramCheckResponse;
}
if (namespaceShowName.length() > ParamCheckRules.MAX_NAMESPACE_SHOW_NAME_LENGTH) {
throw new IllegalArgumentException(
String.format("Param 'namespaceShowName' is illegal, the param length should not exceed %d.",
ParamCheckRules.MAX_NAMESPACE_SHOW_NAME_LENGTH));
if (namespaceShowName.length() > paramCheckRule.maxNamespaceShowNameLength) {
paramCheckResponse.setSuccess(false);
paramCheckResponse.setMessage(String.format("Param 'namespaceShowName' is illegal, the param length should not exceed %d.",
paramCheckRule.maxNamespaceShowNameLength));
return paramCheckResponse;
}
if (!NAMESPACE_SHOW_NAME_PATTERN.matcher(namespaceShowName).matches()) {
throw new IllegalArgumentException(
"Param 'namespaceShowName' is illegal, illegal characters should not appear in the param.");
if (!namespaceShowNamePattern.matcher(namespaceShowName).matches()) {
paramCheckResponse.setSuccess(false);
paramCheckResponse.setMessage("Param 'namespaceShowName' is illegal, illegal characters should not appear in the param.");
return paramCheckResponse;
}
paramCheckResponse.setSuccess(true);
return paramCheckResponse;
}
/**
* Check namespace id format.
*
* @param namespaceId the namespace id
* @return the param check response
*/
public void checkNamespaceIdFormat(String namespaceId) {
public ParamCheckResponse checkNamespaceIdFormat(String namespaceId) {
ParamCheckResponse paramCheckResponse = new ParamCheckResponse();
if (StringUtils.isBlank(namespaceId)) {
return;
paramCheckResponse.setSuccess(true);
return paramCheckResponse;
}
if (namespaceId.length() > ParamCheckRules.MAX_NAMESPACE_ID_LENGTH) {
throw new IllegalArgumentException(
String.format("Param 'namespaceId/tenant' is illegal, the param length should not exceed %d.",
ParamCheckRules.MAX_NAMESPACE_ID_LENGTH));
if (namespaceId.length() > paramCheckRule.maxNamespaceIdLength) {
paramCheckResponse.setSuccess(false);
paramCheckResponse.setMessage(String.format("Param 'namespaceId/tenant' is illegal, the param length should not exceed %d.",
paramCheckRule.maxNamespaceIdLength));
return paramCheckResponse;
}
if (!NAMESPACE_ID_PATTERN.matcher(namespaceId).matches()) {
throw new IllegalArgumentException(
"Param 'namespaceId/tenant' is illegal, illegal characters should not appear in the param.");
if (!namespaceIdPattern.matcher(namespaceId).matches()) {
paramCheckResponse.setSuccess(false);
paramCheckResponse.setMessage("Param 'namespaceId/tenant' is illegal, illegal characters should not appear in the param.");
return paramCheckResponse;
}
paramCheckResponse.setSuccess(true);
return paramCheckResponse;
}
/**
* Check data id format.
*
* @param dataId the data id
* @return the param check response
*/
public void checkDataIdFormat(String dataId) {
public ParamCheckResponse checkDataIdFormat(String dataId) {
ParamCheckResponse paramCheckResponse = new ParamCheckResponse();
if (StringUtils.isBlank(dataId)) {
return;
paramCheckResponse.setSuccess(true);
return paramCheckResponse;
}
if (dataId.length() > ParamCheckRules.MAX_DATA_ID_LENGTH) {
throw new IllegalArgumentException(
String.format("Param 'dataId' is illegal, the param length should not exceed %d.",
ParamCheckRules.MAX_NAMESPACE_ID_LENGTH));
if (dataId.length() > paramCheckRule.maxDataIdLength) {
paramCheckResponse.setSuccess(false);
paramCheckResponse.setMessage(String.format("Param 'dataId' is illegal, the param length should not exceed %d.",
paramCheckRule.maxNamespaceIdLength));
return paramCheckResponse;
}
if (!DATA_ID_PATTERN.matcher(dataId).matches()) {
throw new IllegalArgumentException(
"Param 'dataId' is illegal, illegal characters should not appear in the param.");
if (!dataIdPattern.matcher(dataId).matches()) {
paramCheckResponse.setSuccess(false);
paramCheckResponse.setMessage("Param 'dataId' is illegal, illegal characters should not appear in the param.");
return paramCheckResponse;
}
paramCheckResponse.setSuccess(true);
return paramCheckResponse;
}
/**
* Check service name format.
*
* @param serviceName the service name
* @return the param check response
*/
public void checkServiceNameFormat(String serviceName) {
public ParamCheckResponse checkServiceNameFormat(String serviceName) {
ParamCheckResponse paramCheckResponse = new ParamCheckResponse();
if (StringUtils.isBlank(serviceName)) {
return;
paramCheckResponse.setSuccess(true);
return paramCheckResponse;
}
if (serviceName.length() > ParamCheckRules.MAX_SERVICE_NAME_LENGTH) {
throw new IllegalArgumentException(
String.format("Param 'serviceName' is illegal, the param length should not exceed %d.",
ParamCheckRules.MAX_SERVICE_NAME_LENGTH));
if (serviceName.length() > paramCheckRule.maxServiceNameLength) {
paramCheckResponse.setSuccess(false);
paramCheckResponse.setMessage(String.format("Param 'serviceName' is illegal, the param length should not exceed %d.",
paramCheckRule.maxServiceNameLength));
return paramCheckResponse;
}
if (!SERVICE_NAME_PATTERN.matcher(serviceName).matches()) {
throw new IllegalArgumentException(
"Param 'serviceName' is illegal, illegal characters should not appear in the param.");
if (!serviceNamePattern.matcher(serviceName).matches()) {
paramCheckResponse.setSuccess(false);
paramCheckResponse.setMessage("Param 'serviceName' is illegal, illegal characters should not appear in the param.");
return paramCheckResponse;
}
paramCheckResponse.setSuccess(true);
return paramCheckResponse;
}
/**
* Check group format.
*
* @param group the group
* @return the param check response
*/
public void checkGroupFormat(String group) {
public ParamCheckResponse checkGroupFormat(String group) {
ParamCheckResponse paramCheckResponse = new ParamCheckResponse();
if (StringUtils.isBlank(group)) {
return;
paramCheckResponse.setSuccess(true);
return paramCheckResponse;
}
if (group.length() > ParamCheckRules.MAX_GROUP_LENGTH) {
throw new IllegalArgumentException(
String.format("Param 'group' is illegal, the param length should not exceed %d.",
ParamCheckRules.MAX_GROUP_LENGTH));
if (group.length() > paramCheckRule.maxGroupLength) {
paramCheckResponse.setSuccess(false);
paramCheckResponse.setMessage(String.format("Param 'group' is illegal, the param length should not exceed %d.",
paramCheckRule.maxGroupLength));
return paramCheckResponse;
}
if (!GROUP_PATTERN.matcher(group).matches()) {
throw new IllegalArgumentException(
"Param 'group' is illegal, illegal characters should not appear in the param.");
if (!groupPattern.matcher(group).matches()) {
paramCheckResponse.setSuccess(false);
paramCheckResponse.setMessage("Param 'group' is illegal, illegal characters should not appear in the param.");
return paramCheckResponse;
}
paramCheckResponse.setSuccess(true);
return paramCheckResponse;
}
/**
* Check cluster format.
*
* @param clusterString the cluster string
* @return the param check response
*/
public void checkClusterFormat(String clusterString) {
public ParamCheckResponse checkClusterFormat(String clusterString) {
ParamCheckResponse paramCheckResponse = new ParamCheckResponse();
if (StringUtils.isBlank(clusterString)) {
return;
paramCheckResponse.setSuccess(true);
return paramCheckResponse;
}
String[] clusters = clusterString.split(",");
for (String cluster : clusters) {
checkSingleClusterFormat(cluster);
paramCheckResponse = checkSingleClusterFormat(cluster);
if (!paramCheckResponse.isSuccess()) {
return paramCheckResponse;
}
}
paramCheckResponse.setSuccess(true);
return paramCheckResponse;
}
/**
* Check single cluster format.
*
* @param cluster the cluster
* @return the param check response
*/
public void checkSingleClusterFormat(String cluster) {
public ParamCheckResponse checkSingleClusterFormat(String cluster) {
ParamCheckResponse paramCheckResponse = new ParamCheckResponse();
if (StringUtils.isBlank(cluster)) {
return;
paramCheckResponse.setSuccess(true);
return paramCheckResponse;
}
if (cluster.length() > ParamCheckRules.MAX_CLUSTER_LENGTH) {
throw new IllegalArgumentException(
String.format("Param 'cluster' is illegal, the param length should not exceed %d.",
ParamCheckRules.MAX_CLUSTER_LENGTH));
if (cluster.length() > paramCheckRule.maxClusterLength) {
paramCheckResponse.setSuccess(false);
paramCheckResponse.setMessage(String.format("Param 'cluster' is illegal, the param length should not exceed %d.",
paramCheckRule.maxClusterLength));
return paramCheckResponse;
}
if (!CLUSTER_PATTERN.matcher(cluster).matches()) {
throw new IllegalArgumentException(
"Param 'cluster' is illegal, illegal characters should not appear in the param.");
if (!clusterPattern.matcher(cluster).matches()) {
paramCheckResponse.setSuccess(false);
paramCheckResponse.setMessage("Param 'cluster' is illegal, illegal characters should not appear in the param.");
return paramCheckResponse;
}
paramCheckResponse.setSuccess(true);
return paramCheckResponse;
}
/**
* Check ip format.
*
* @param ip the ip
* @return the param check response
*/
public void checkIpFormat(String ip) {
public ParamCheckResponse checkIpFormat(String ip) {
ParamCheckResponse paramCheckResponse = new ParamCheckResponse();
if (StringUtils.isBlank(ip)) {
return;
paramCheckResponse.setSuccess(true);
return paramCheckResponse;
}
if (ip.length() > ParamCheckRules.MAX_IP_LENGTH) {
throw new IllegalArgumentException(
String.format("Param 'ip' is illegal, the param length should not exceed %d.",
ParamCheckRules.MAX_IP_LENGTH));
if (ip.length() > paramCheckRule.maxIpLength) {
paramCheckResponse.setSuccess(false);
paramCheckResponse.setMessage(String.format("Param 'ip' is illegal, the param length should not exceed %d.",
paramCheckRule.maxIpLength));
return paramCheckResponse;
}
if (!IP_PATTERN.matcher(ip).matches()) {
throw new IllegalArgumentException(
"Param 'ip' is illegal, illegal characters should not appear in the param.");
if (!ipPattern.matcher(ip).matches()) {
paramCheckResponse.setSuccess(false);
paramCheckResponse.setMessage("Param 'ip' is illegal, illegal characters should not appear in the param.");
return paramCheckResponse;
}
paramCheckResponse.setSuccess(true);
return paramCheckResponse;
}
/**
* Check port format.
*
* @param port the port
* @return the param check response
*/
public void checkPortFormat(String port) {
public ParamCheckResponse checkPortFormat(String port) {
ParamCheckResponse paramCheckResponse = new ParamCheckResponse();
if (StringUtils.isBlank(port)) {
return;
paramCheckResponse.setSuccess(true);
return paramCheckResponse;
}
int portInt = 0;
try {
portInt = Integer.parseInt(port);
} catch (Exception e) {
throw new IllegalArgumentException(
String.format("Param 'port' is illegal, the value should be between %d and %d",
ParamCheckRules.MIN_PORT, ParamCheckRules.MAX_PORT));
paramCheckResponse.setSuccess(false);
paramCheckResponse.setMessage(String.format("Param 'port' is illegal, the value should be between %d and %d",
paramCheckRule.minPort, paramCheckRule.maxPort));
return paramCheckResponse;
}
if (portInt > ParamCheckRules.MAX_PORT || portInt < ParamCheckRules.MIN_PORT) {
throw new IllegalArgumentException(
String.format("Param 'port' is illegal, the value should be between %d and %d",
ParamCheckRules.MIN_PORT, ParamCheckRules.MAX_PORT));
if (portInt > paramCheckRule.maxPort || portInt < paramCheckRule.minPort) {
paramCheckResponse.setSuccess(false);
paramCheckResponse.setMessage(String.format("Param 'port' is illegal, the value should be between %d and %d",
paramCheckRule.minPort, paramCheckRule.maxPort));
return paramCheckResponse;
}
paramCheckResponse.setSuccess(true);
return paramCheckResponse;
}
/**
* Check metadata format.
*
* @param metadata the metadata
* @return the param check response
*/
public void checkMetadataFormat(Map<String, String> metadata) {
public ParamCheckResponse checkMetadataFormat(Map<String, String> metadata) {
ParamCheckResponse paramCheckResponse = new ParamCheckResponse();
if (metadata == null || metadata.isEmpty()) {
return;
paramCheckResponse.setSuccess(true);
return paramCheckResponse;
}
int totalLength = 0;
for (Map.Entry<String, String> entry : metadata.entrySet()) {
@ -279,10 +404,13 @@ public class DefaultParamChecker extends AbstractParamChecker {
totalLength = totalLength + entry.getValue().length();
}
}
if (totalLength > ParamCheckRules.MAX_METADATA_LENGTH) {
throw new IllegalArgumentException(
String.format("Param 'Metadata' is illegal, the param length should not exceed %d.",
ParamCheckRules.MAX_METADATA_LENGTH));
if (totalLength > paramCheckRule.maxMetadataLength) {
paramCheckResponse.setSuccess(false);
paramCheckResponse.setMessage(String.format("Param 'Metadata' is illegal, the param length should not exceed %d.",
paramCheckRule.maxMetadataLength));
return paramCheckResponse;
}
paramCheckResponse.setSuccess(true);
return paramCheckResponse;
}
}

45
common/src/main/java/com/alibaba/nacos/common/paramcheck/ParamCheckResponse.java Normal file
View File

@ -0,0 +1,45 @@
/*
* Copyright 1999-2023 Alibaba Group Holding Ltd.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.alibaba.nacos.common.paramcheck;
/**
* The type Param check response.
*
* @author zhuoguang
*/
public class ParamCheckResponse {
private boolean success;
private String message;
public boolean isSuccess() {
return success;
}
public void setSuccess(boolean success) {
this.success = success;
}
public String getMessage() {
return message;
}
public void setMessage(String message) {
this.message = message;
}
}

61
common/src/main/java/com/alibaba/nacos/common/paramcheck/ParamCheckRule.java Normal file
View File

@ -0,0 +1,61 @@
/*
* Copyright 1999-2023 Alibaba Group Holding Ltd.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.alibaba.nacos.common.paramcheck;
/**
* Param check rules.
*
* @author zhuoguang
*/
public class ParamCheckRule {
public int maxNamespaceShowNameLength = 256;
public String namespaceShowNamePatternString = "^[^@#$%^&*]+$";
public int maxNamespaceIdLength = 64;
public String namespaceIdPatternString = "^[\\w-]+";
public int maxDataIdLength = 256;
public String dataIdPatternString = "^[a-zA-Z0-9-_:\\.]*$";
public int maxServiceNameLength = 512;
public String serviceNamePatternString = "^(?!@).((?!@@)[^\\u4E00-\\u9FA5\\s])*$";
public int maxGroupLength = 128;
public String groupPatternString = "^[a-zA-Z0-9-_:\\.]*$";
public int maxClusterLength = 64;
public String clusterPatternString = "^[0-9a-zA-Z-_]+$";
public int maxIpLength = 128;
public String ipPatternString = "^[^\\u4E00-\\u9FA5\\s]*$";
public int maxPort = 65535;
public int minPort = 0;
public int maxMetadataLength = 1024;
}

61
common/src/main/java/com/alibaba/nacos/common/paramcheck/ParamCheckRules.java
View File

@ -1,61 +0,0 @@
/*
* Copyright 1999-2023 Alibaba Group Holding Ltd.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.alibaba.nacos.common.paramcheck;
/**
* Param check rules.
*
* @author zhuoguang
*/
public class ParamCheckRules {
public static final int MAX_NAMESPACE_SHOW_NAME_LENGTH = 256;
public static final String NAMESPACE_SHOW_NAME_PATTERN_STRING = "^[^@#$%^&*]+$";
public static final int MAX_NAMESPACE_ID_LENGTH = 64;
public static final String NAMESPACE_ID_PATTERN_STRING = "^[\\w-]+";
public static final int MAX_DATA_ID_LENGTH = 256;
public static final String DATA_ID_PATTERN_STRING = "^[a-zA-Z0-9-_:\\.]*$";
public static final int MAX_SERVICE_NAME_LENGTH = 512;
public static final String SERVICE_NAME_PATTERN_STRING = "^(?!@).((?!@@)[^\\u4E00-\\u9FA5\\s])*$";
public static final int MAX_GROUP_LENGTH = 128;
public static final String GROUP_PATTERN_STRING = "^[a-zA-Z0-9-_:\\.]*$";
public static final int MAX_CLUSTER_LENGTH = 64;
public static final String CLUSTER_PATTERN_STRING = "^[0-9a-zA-Z-_]+$";
public static final int MAX_IP_LENGTH = 128;
public static final String IP_PATTERN_STRING = "^[^\\u4E00-\\u9FA5\\s]*$";
public static final int MAX_PORT = 65535;
public static final int MIN_PORT = 0;
public static final int MAX_METADATA_LENGTH = 1024;
}

35
config/src/main/java/com/alibaba/nacos/config/server/filter/ConfigParamCheckFilter.java
View File

@ -17,11 +17,13 @@
package com.alibaba.nacos.config.server.filter;
import com.alibaba.nacos.common.paramcheck.AbstractParamChecker;
import com.alibaba.nacos.common.paramcheck.ParamCheckResponse;
import com.alibaba.nacos.common.paramcheck.ParamCheckerManager;
import com.alibaba.nacos.common.paramcheck.ParamInfo;
import com.alibaba.nacos.core.paramcheck.AbstractHttpParamExtractor;
import com.alibaba.nacos.core.paramcheck.HttpParamExtractorManager;
import com.alibaba.nacos.core.paramcheck.ServerParamCheckConfig;
import com.alibaba.nacos.plugin.control.Loggers;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
@ -31,7 +33,6 @@ import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.List;
/**
@ -61,13 +62,33 @@ public class ConfigParamCheckFilter implements Filter {
List<ParamInfo> paramInfoList = paramExtractor.extractParam(req);
ParamCheckerManager paramCheckerManager = ParamCheckerManager.getInstance();
AbstractParamChecker paramChecker = paramCheckerManager.getParamChecker(ServerParamCheckConfig.getInstance().getActiveParamChecker());
paramChecker.checkParamInfoList(paramInfoList);
chain.doFilter(req, resp);
ParamCheckResponse paramCheckResponse = paramChecker.checkParamInfoList(paramInfoList);
if (paramCheckResponse.isSuccess()) {
chain.doFilter(req, resp);
} else {
generate400Response(resp, paramCheckResponse.getMessage());
}
} catch (Exception e) {
resp.setStatus(400);
PrintWriter writer = resp.getWriter();
writer.print(e.getMessage());
writer.flush();
generate400Response(resp, e.getMessage());
}
}
/**
* Generate 400 response.
*
* @param response the response
* @param message the message
*/
public void generate400Response(HttpServletResponse response, String message) {
try {
response.setHeader("Pragma", "no-cache");
response.setDateHeader("Expires", 0);
response.setHeader("Cache-Control", "no-cache,no-store");
response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
response.getOutputStream().println(message);
} catch (Exception ex) {
Loggers.CONTROL.error("Error to generate tps 400 response", ex);
}
}
}

34
console/src/main/java/com/alibaba/nacos/console/filter/ConsoleParamCheckFilter.java
View File

@ -17,11 +17,13 @@
package com.alibaba.nacos.console.filter;
import com.alibaba.nacos.common.paramcheck.AbstractParamChecker;
import com.alibaba.nacos.common.paramcheck.ParamCheckResponse;
import com.alibaba.nacos.common.paramcheck.ParamCheckerManager;
import com.alibaba.nacos.common.paramcheck.ParamInfo;
import com.alibaba.nacos.core.paramcheck.AbstractHttpParamExtractor;
import com.alibaba.nacos.core.paramcheck.HttpParamExtractorManager;
import com.alibaba.nacos.core.paramcheck.ServerParamCheckConfig;
import com.alibaba.nacos.plugin.control.Loggers;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
@ -31,7 +33,6 @@ import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.List;
/**
@ -61,13 +62,32 @@ public class ConsoleParamCheckFilter implements Filter {
List<ParamInfo> paramInfoList = paramExtractor.extractParam(req);
ParamCheckerManager paramCheckerManager = ParamCheckerManager.getInstance();
AbstractParamChecker paramChecker = paramCheckerManager.getParamChecker(ServerParamCheckConfig.getInstance().getActiveParamChecker());
paramChecker.checkParamInfoList(paramInfoList);
chain.doFilter(request, resp);
ParamCheckResponse paramCheckResponse = paramChecker.checkParamInfoList(paramInfoList);
if (paramCheckResponse.isSuccess()) {
chain.doFilter(request, resp);
} else {
generate400Response(resp, paramCheckResponse.getMessage());
}
} catch (Exception e) {
resp.setStatus(400);
PrintWriter writer = resp.getWriter();
writer.print(e.getMessage());
writer.flush();
generate400Response(resp, e.getMessage());
}
}
/**
* Generate 400 response.
*
* @param response the response
* @param message the message
*/
public void generate400Response(HttpServletResponse response, String message) {
try {
response.setHeader("Pragma", "no-cache");
response.setDateHeader("Expires", 0);
response.setHeader("Cache-Control", "no-cache,no-store");
response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
response.getOutputStream().println(message);
} catch (Exception ex) {
Loggers.CONTROL.error("Error to generate tps 400 response", ex);
}
}
}

9
core/src/main/java/com/alibaba/nacos/core/remote/grpc/GrpcServerParamCheckInterceptor.java
View File

@ -19,6 +19,7 @@ package com.alibaba.nacos.core.remote.grpc;
import com.alibaba.nacos.api.grpc.auto.Payload;
import com.alibaba.nacos.api.remote.request.Request;
import com.alibaba.nacos.common.paramcheck.AbstractParamChecker;
import com.alibaba.nacos.common.paramcheck.ParamCheckResponse;
import com.alibaba.nacos.common.paramcheck.ParamCheckerManager;
import com.alibaba.nacos.common.paramcheck.ParamInfo;
import com.alibaba.nacos.common.remote.client.grpc.GrpcUtils;
@ -65,13 +66,15 @@ public class GrpcServerParamCheckInterceptor implements ServerInterceptor {
ParamCheckerManager paramCheckerManager = ParamCheckerManager.getInstance();
AbstractParamChecker paramChecker = paramCheckerManager.getParamChecker(
ServerParamCheckConfig.getInstance().getActiveParamChecker());
paramChecker.checkParamInfoList(paramInfoList);
ParamCheckResponse paramCheckResponse = paramChecker.checkParamInfoList(paramInfoList);
if (!paramCheckResponse.isSuccess()) {
call.close(Status.INVALID_ARGUMENT.withDescription(paramCheckResponse.getMessage()), headers);
}
}
super.onMessage(message);
} catch (Exception e) {
call.close(Status.INVALID_ARGUMENT.withDescription(e.getMessage()), headers);
}
super.onMessage(message);
}
};
}

34
naming/src/main/java/com/alibaba/nacos/naming/web/NamingParamCheckFilter.java
View File

@ -17,11 +17,13 @@
package com.alibaba.nacos.naming.web;
import com.alibaba.nacos.common.paramcheck.AbstractParamChecker;
import com.alibaba.nacos.common.paramcheck.ParamCheckResponse;
import com.alibaba.nacos.common.paramcheck.ParamCheckerManager;
import com.alibaba.nacos.common.paramcheck.ParamInfo;
import com.alibaba.nacos.core.paramcheck.AbstractHttpParamExtractor;
import com.alibaba.nacos.core.paramcheck.HttpParamExtractorManager;
import com.alibaba.nacos.core.paramcheck.ServerParamCheckConfig;
import com.alibaba.nacos.plugin.control.Loggers;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
@ -31,7 +33,6 @@ import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.List;
/**
@ -61,14 +62,33 @@ public class NamingParamCheckFilter implements Filter {
List<ParamInfo> paramInfoList = paramExtractor.extractParam(request);
ParamCheckerManager paramCheckerManager = ParamCheckerManager.getInstance();
AbstractParamChecker paramChecker = paramCheckerManager.getParamChecker(ServerParamCheckConfig.getInstance().getActiveParamChecker());
paramChecker.checkParamInfoList(paramInfoList);
filterChain.doFilter(request, resp);
ParamCheckResponse paramCheckResponse = paramChecker.checkParamInfoList(paramInfoList);
if (paramCheckResponse.isSuccess()) {
filterChain.doFilter(request, resp);
} else {
generate400Response(resp, paramCheckResponse.getMessage());
}
} catch (Exception e) {
resp.setStatus(400);
PrintWriter writer = resp.getWriter();
writer.print(e.getMessage());
writer.flush();
generate400Response(resp, e.getMessage());
}
}
/**
* Generate 400 response.
*
* @param response the response
* @param message the message
*/
public void generate400Response(HttpServletResponse response, String message) {
try {
response.setHeader("Pragma", "no-cache");
response.setDateHeader("Expires", 0);
response.setHeader("Cache-Control", "no-cache,no-store");
response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
response.getOutputStream().println(message);
} catch (Exception ex) {
Loggers.CONTROL.error("Error to generate tps 400 response", ex);
}
}
}