diff --git a/common/src/main/java/com/alibaba/nacos/common/paramcheck/AbstractParamChecker.java b/common/src/main/java/com/alibaba/nacos/common/paramcheck/AbstractParamChecker.java index f763e5e5f..6bb827ad7 100644 --- a/common/src/main/java/com/alibaba/nacos/common/paramcheck/AbstractParamChecker.java +++ b/common/src/main/java/com/alibaba/nacos/common/paramcheck/AbstractParamChecker.java @@ -25,6 +25,12 @@ import java.util.List; */ public abstract class AbstractParamChecker { + protected ParamCheckRule paramCheckRule; + + public AbstractParamChecker() { + initParamCheckRule(); + } + /** * Gets checker type. * @@ -33,9 +39,15 @@ public abstract class AbstractParamChecker { public abstract String getCheckerType(); /** - * Check param info list. + * Check param info list param check response. * * @param paramInfos the param infos + * @return the param check response */ - public abstract void checkParamInfoList(List paramInfos); + public abstract ParamCheckResponse checkParamInfoList(List paramInfos); + + /** + * Init param check rule. + */ + public abstract void initParamCheckRule(); } diff --git a/common/src/main/java/com/alibaba/nacos/common/paramcheck/DefaultParamChecker.java b/common/src/main/java/com/alibaba/nacos/common/paramcheck/DefaultParamChecker.java index a09ec9f26..8c22d46cd 100644 --- a/common/src/main/java/com/alibaba/nacos/common/paramcheck/DefaultParamChecker.java +++ b/common/src/main/java/com/alibaba/nacos/common/paramcheck/DefaultParamChecker.java @@ -29,19 +29,19 @@ import java.util.regex.Pattern; */ public class DefaultParamChecker extends AbstractParamChecker { - private static final Pattern NAMESPACE_SHOW_NAME_PATTERN = Pattern.compile(ParamCheckRules.NAMESPACE_SHOW_NAME_PATTERN_STRING); + private Pattern namespaceShowNamePattern; - private static final Pattern NAMESPACE_ID_PATTERN = Pattern.compile(ParamCheckRules.NAMESPACE_ID_PATTERN_STRING); + private Pattern namespaceIdPattern; - private static final Pattern DATA_ID_PATTERN = Pattern.compile(ParamCheckRules.DATA_ID_PATTERN_STRING); + private Pattern dataIdPattern; - private static final Pattern SERVICE_NAME_PATTERN = Pattern.compile(ParamCheckRules.SERVICE_NAME_PATTERN_STRING); + private Pattern serviceNamePattern; - private static final Pattern GROUP_PATTERN = Pattern.compile(ParamCheckRules.GROUP_PATTERN_STRING); + private Pattern groupPattern; - private static final Pattern CLUSTER_PATTERN = Pattern.compile(ParamCheckRules.CLUSTER_PATTERN_STRING); + private Pattern clusterPattern; - private static final Pattern IP_PATTERN = Pattern.compile(ParamCheckRules.IP_PATTERN_STRING); + private Pattern ipPattern; private static final String CHECKER_TYPE = "default"; @@ -51,224 +51,349 @@ public class DefaultParamChecker extends AbstractParamChecker { } @Override - public void checkParamInfoList(List paramInfos) { + public ParamCheckResponse checkParamInfoList(List paramInfos) { + ParamCheckResponse paramCheckResponse = new ParamCheckResponse(); if (paramInfos == null) { - return; + paramCheckResponse.setSuccess(true); + return paramCheckResponse; } for (ParamInfo paramInfo : paramInfos) { - checkParamInfoFormat(paramInfo); + paramCheckResponse = checkParamInfoFormat(paramInfo); + if (!paramCheckResponse.isSuccess()) { + return paramCheckResponse; + } } + paramCheckResponse.setSuccess(true); + return paramCheckResponse; + } + + @Override + public void initParamCheckRule() { + this.paramCheckRule = new ParamCheckRule(); + initFormatPattern(); + } + + private void initFormatPattern() { + this.namespaceShowNamePattern = Pattern.compile(this.paramCheckRule.namespaceShowNamePatternString); + this.namespaceIdPattern = Pattern.compile(this.paramCheckRule.namespaceIdPatternString); + this.dataIdPattern = Pattern.compile(this.paramCheckRule.dataIdPatternString); + this.serviceNamePattern = Pattern.compile(this.paramCheckRule.serviceNamePatternString); + this.groupPattern = Pattern.compile(this.paramCheckRule.groupPatternString); + this.clusterPattern = Pattern.compile(this.paramCheckRule.clusterPatternString); + this.ipPattern = Pattern.compile(this.paramCheckRule.ipPatternString); } /** * Check param info format. * * @param paramInfo the param info + * @return the param check response */ - public void checkParamInfoFormat(ParamInfo paramInfo) { + public ParamCheckResponse checkParamInfoFormat(ParamInfo paramInfo) { + ParamCheckResponse paramCheckResponse = new ParamCheckResponse(); if (paramInfo == null) { - return; + paramCheckResponse.setSuccess(true); + return paramCheckResponse; } - checkNamespaceShowNameFormat(paramInfo.getNamespaceShowName()); - checkNamespaceIdFormat(paramInfo.getNamespaceId()); - checkDataIdFormat(paramInfo.getDataId()); - checkServiceNameFormat(paramInfo.getServiceName()); - checkGroupFormat(paramInfo.getGroup()); - checkClusterFormat(paramInfo.getClusters()); - checkSingleClusterFormat(paramInfo.getCluster()); - checkIpFormat(paramInfo.getIp()); - checkPortFormat(paramInfo.getPort()); - checkMetadataFormat(paramInfo.getMetadata()); + paramCheckResponse = checkNamespaceShowNameFormat(paramInfo.getNamespaceShowName()); + if (!paramCheckResponse.isSuccess()) { + return paramCheckResponse; + } + paramCheckResponse = checkNamespaceIdFormat(paramInfo.getNamespaceId()); + if (!paramCheckResponse.isSuccess()) { + return paramCheckResponse; + } + paramCheckResponse = checkDataIdFormat(paramInfo.getDataId()); + if (!paramCheckResponse.isSuccess()) { + return paramCheckResponse; + } + paramCheckResponse = checkServiceNameFormat(paramInfo.getServiceName()); + if (!paramCheckResponse.isSuccess()) { + return paramCheckResponse; + } + paramCheckResponse = checkGroupFormat(paramInfo.getGroup()); + if (!paramCheckResponse.isSuccess()) { + return paramCheckResponse; + } + paramCheckResponse = checkClusterFormat(paramInfo.getClusters()); + if (!paramCheckResponse.isSuccess()) { + return paramCheckResponse; + } + paramCheckResponse = checkSingleClusterFormat(paramInfo.getCluster()); + if (!paramCheckResponse.isSuccess()) { + return paramCheckResponse; + } + paramCheckResponse = checkIpFormat(paramInfo.getIp()); + if (!paramCheckResponse.isSuccess()) { + return paramCheckResponse; + } + paramCheckResponse = checkPortFormat(paramInfo.getPort()); + if (!paramCheckResponse.isSuccess()) { + return paramCheckResponse; + } + paramCheckResponse = checkMetadataFormat(paramInfo.getMetadata()); + if (!paramCheckResponse.isSuccess()) { + return paramCheckResponse; + } + paramCheckResponse.setSuccess(true); + return paramCheckResponse; } /** * Check namespace show name format. * * @param namespaceShowName the namespace show name + * @return the param check response */ - public void checkNamespaceShowNameFormat(String namespaceShowName) { + public ParamCheckResponse checkNamespaceShowNameFormat(String namespaceShowName) { + ParamCheckResponse paramCheckResponse = new ParamCheckResponse(); if (StringUtils.isBlank(namespaceShowName)) { - return; + paramCheckResponse.setSuccess(true); + return paramCheckResponse; } - if (namespaceShowName.length() > ParamCheckRules.MAX_NAMESPACE_SHOW_NAME_LENGTH) { - throw new IllegalArgumentException( - String.format("Param 'namespaceShowName' is illegal, the param length should not exceed %d.", - ParamCheckRules.MAX_NAMESPACE_SHOW_NAME_LENGTH)); + if (namespaceShowName.length() > paramCheckRule.maxNamespaceShowNameLength) { + paramCheckResponse.setSuccess(false); + paramCheckResponse.setMessage(String.format("Param 'namespaceShowName' is illegal, the param length should not exceed %d.", + paramCheckRule.maxNamespaceShowNameLength)); + return paramCheckResponse; } - if (!NAMESPACE_SHOW_NAME_PATTERN.matcher(namespaceShowName).matches()) { - throw new IllegalArgumentException( - "Param 'namespaceShowName' is illegal, illegal characters should not appear in the param."); + if (!namespaceShowNamePattern.matcher(namespaceShowName).matches()) { + paramCheckResponse.setSuccess(false); + paramCheckResponse.setMessage("Param 'namespaceShowName' is illegal, illegal characters should not appear in the param."); + return paramCheckResponse; } + paramCheckResponse.setSuccess(true); + return paramCheckResponse; } /** * Check namespace id format. * * @param namespaceId the namespace id + * @return the param check response */ - public void checkNamespaceIdFormat(String namespaceId) { + public ParamCheckResponse checkNamespaceIdFormat(String namespaceId) { + ParamCheckResponse paramCheckResponse = new ParamCheckResponse(); if (StringUtils.isBlank(namespaceId)) { - return; + paramCheckResponse.setSuccess(true); + return paramCheckResponse; } - if (namespaceId.length() > ParamCheckRules.MAX_NAMESPACE_ID_LENGTH) { - throw new IllegalArgumentException( - String.format("Param 'namespaceId/tenant' is illegal, the param length should not exceed %d.", - ParamCheckRules.MAX_NAMESPACE_ID_LENGTH)); + if (namespaceId.length() > paramCheckRule.maxNamespaceIdLength) { + paramCheckResponse.setSuccess(false); + paramCheckResponse.setMessage(String.format("Param 'namespaceId/tenant' is illegal, the param length should not exceed %d.", + paramCheckRule.maxNamespaceIdLength)); + return paramCheckResponse; } - if (!NAMESPACE_ID_PATTERN.matcher(namespaceId).matches()) { - throw new IllegalArgumentException( - "Param 'namespaceId/tenant' is illegal, illegal characters should not appear in the param."); + if (!namespaceIdPattern.matcher(namespaceId).matches()) { + paramCheckResponse.setSuccess(false); + paramCheckResponse.setMessage("Param 'namespaceId/tenant' is illegal, illegal characters should not appear in the param."); + return paramCheckResponse; } + paramCheckResponse.setSuccess(true); + return paramCheckResponse; } /** * Check data id format. * * @param dataId the data id + * @return the param check response */ - public void checkDataIdFormat(String dataId) { + public ParamCheckResponse checkDataIdFormat(String dataId) { + ParamCheckResponse paramCheckResponse = new ParamCheckResponse(); if (StringUtils.isBlank(dataId)) { - return; + paramCheckResponse.setSuccess(true); + return paramCheckResponse; } - if (dataId.length() > ParamCheckRules.MAX_DATA_ID_LENGTH) { - throw new IllegalArgumentException( - String.format("Param 'dataId' is illegal, the param length should not exceed %d.", - ParamCheckRules.MAX_NAMESPACE_ID_LENGTH)); + if (dataId.length() > paramCheckRule.maxDataIdLength) { + paramCheckResponse.setSuccess(false); + paramCheckResponse.setMessage(String.format("Param 'dataId' is illegal, the param length should not exceed %d.", + paramCheckRule.maxNamespaceIdLength)); + return paramCheckResponse; } - if (!DATA_ID_PATTERN.matcher(dataId).matches()) { - throw new IllegalArgumentException( - "Param 'dataId' is illegal, illegal characters should not appear in the param."); + if (!dataIdPattern.matcher(dataId).matches()) { + paramCheckResponse.setSuccess(false); + paramCheckResponse.setMessage("Param 'dataId' is illegal, illegal characters should not appear in the param."); + return paramCheckResponse; } + paramCheckResponse.setSuccess(true); + return paramCheckResponse; } /** * Check service name format. * * @param serviceName the service name + * @return the param check response */ - public void checkServiceNameFormat(String serviceName) { + public ParamCheckResponse checkServiceNameFormat(String serviceName) { + ParamCheckResponse paramCheckResponse = new ParamCheckResponse(); if (StringUtils.isBlank(serviceName)) { - return; + paramCheckResponse.setSuccess(true); + return paramCheckResponse; } - if (serviceName.length() > ParamCheckRules.MAX_SERVICE_NAME_LENGTH) { - throw new IllegalArgumentException( - String.format("Param 'serviceName' is illegal, the param length should not exceed %d.", - ParamCheckRules.MAX_SERVICE_NAME_LENGTH)); + if (serviceName.length() > paramCheckRule.maxServiceNameLength) { + paramCheckResponse.setSuccess(false); + paramCheckResponse.setMessage(String.format("Param 'serviceName' is illegal, the param length should not exceed %d.", + paramCheckRule.maxServiceNameLength)); + return paramCheckResponse; } - if (!SERVICE_NAME_PATTERN.matcher(serviceName).matches()) { - throw new IllegalArgumentException( - "Param 'serviceName' is illegal, illegal characters should not appear in the param."); + if (!serviceNamePattern.matcher(serviceName).matches()) { + paramCheckResponse.setSuccess(false); + paramCheckResponse.setMessage("Param 'serviceName' is illegal, illegal characters should not appear in the param."); + return paramCheckResponse; } + paramCheckResponse.setSuccess(true); + return paramCheckResponse; } /** * Check group format. * * @param group the group + * @return the param check response */ - public void checkGroupFormat(String group) { + public ParamCheckResponse checkGroupFormat(String group) { + ParamCheckResponse paramCheckResponse = new ParamCheckResponse(); if (StringUtils.isBlank(group)) { - return; + paramCheckResponse.setSuccess(true); + return paramCheckResponse; } - if (group.length() > ParamCheckRules.MAX_GROUP_LENGTH) { - throw new IllegalArgumentException( - String.format("Param 'group' is illegal, the param length should not exceed %d.", - ParamCheckRules.MAX_GROUP_LENGTH)); + if (group.length() > paramCheckRule.maxGroupLength) { + paramCheckResponse.setSuccess(false); + paramCheckResponse.setMessage(String.format("Param 'group' is illegal, the param length should not exceed %d.", + paramCheckRule.maxGroupLength)); + return paramCheckResponse; } - if (!GROUP_PATTERN.matcher(group).matches()) { - throw new IllegalArgumentException( - "Param 'group' is illegal, illegal characters should not appear in the param."); + if (!groupPattern.matcher(group).matches()) { + paramCheckResponse.setSuccess(false); + paramCheckResponse.setMessage("Param 'group' is illegal, illegal characters should not appear in the param."); + return paramCheckResponse; } + paramCheckResponse.setSuccess(true); + return paramCheckResponse; } /** * Check cluster format. * * @param clusterString the cluster string + * @return the param check response */ - public void checkClusterFormat(String clusterString) { + public ParamCheckResponse checkClusterFormat(String clusterString) { + ParamCheckResponse paramCheckResponse = new ParamCheckResponse(); if (StringUtils.isBlank(clusterString)) { - return; + paramCheckResponse.setSuccess(true); + return paramCheckResponse; } String[] clusters = clusterString.split(","); for (String cluster : clusters) { - checkSingleClusterFormat(cluster); + paramCheckResponse = checkSingleClusterFormat(cluster); + if (!paramCheckResponse.isSuccess()) { + return paramCheckResponse; + } } + paramCheckResponse.setSuccess(true); + return paramCheckResponse; } /** * Check single cluster format. * * @param cluster the cluster + * @return the param check response */ - public void checkSingleClusterFormat(String cluster) { + public ParamCheckResponse checkSingleClusterFormat(String cluster) { + ParamCheckResponse paramCheckResponse = new ParamCheckResponse(); if (StringUtils.isBlank(cluster)) { - return; + paramCheckResponse.setSuccess(true); + return paramCheckResponse; } - if (cluster.length() > ParamCheckRules.MAX_CLUSTER_LENGTH) { - throw new IllegalArgumentException( - String.format("Param 'cluster' is illegal, the param length should not exceed %d.", - ParamCheckRules.MAX_CLUSTER_LENGTH)); + if (cluster.length() > paramCheckRule.maxClusterLength) { + paramCheckResponse.setSuccess(false); + paramCheckResponse.setMessage(String.format("Param 'cluster' is illegal, the param length should not exceed %d.", + paramCheckRule.maxClusterLength)); + return paramCheckResponse; } - if (!CLUSTER_PATTERN.matcher(cluster).matches()) { - throw new IllegalArgumentException( - "Param 'cluster' is illegal, illegal characters should not appear in the param."); + if (!clusterPattern.matcher(cluster).matches()) { + paramCheckResponse.setSuccess(false); + paramCheckResponse.setMessage("Param 'cluster' is illegal, illegal characters should not appear in the param."); + return paramCheckResponse; } + paramCheckResponse.setSuccess(true); + return paramCheckResponse; } /** * Check ip format. * * @param ip the ip + * @return the param check response */ - public void checkIpFormat(String ip) { + public ParamCheckResponse checkIpFormat(String ip) { + ParamCheckResponse paramCheckResponse = new ParamCheckResponse(); if (StringUtils.isBlank(ip)) { - return; + paramCheckResponse.setSuccess(true); + return paramCheckResponse; } - if (ip.length() > ParamCheckRules.MAX_IP_LENGTH) { - throw new IllegalArgumentException( - String.format("Param 'ip' is illegal, the param length should not exceed %d.", - ParamCheckRules.MAX_IP_LENGTH)); + if (ip.length() > paramCheckRule.maxIpLength) { + paramCheckResponse.setSuccess(false); + paramCheckResponse.setMessage(String.format("Param 'ip' is illegal, the param length should not exceed %d.", + paramCheckRule.maxIpLength)); + return paramCheckResponse; } - if (!IP_PATTERN.matcher(ip).matches()) { - throw new IllegalArgumentException( - "Param 'ip' is illegal, illegal characters should not appear in the param."); + if (!ipPattern.matcher(ip).matches()) { + paramCheckResponse.setSuccess(false); + paramCheckResponse.setMessage("Param 'ip' is illegal, illegal characters should not appear in the param."); + return paramCheckResponse; } + paramCheckResponse.setSuccess(true); + return paramCheckResponse; } /** * Check port format. * * @param port the port + * @return the param check response */ - public void checkPortFormat(String port) { + public ParamCheckResponse checkPortFormat(String port) { + ParamCheckResponse paramCheckResponse = new ParamCheckResponse(); if (StringUtils.isBlank(port)) { - return; + paramCheckResponse.setSuccess(true); + return paramCheckResponse; } int portInt = 0; try { portInt = Integer.parseInt(port); } catch (Exception e) { - throw new IllegalArgumentException( - String.format("Param 'port' is illegal, the value should be between %d and %d", - ParamCheckRules.MIN_PORT, ParamCheckRules.MAX_PORT)); + paramCheckResponse.setSuccess(false); + paramCheckResponse.setMessage(String.format("Param 'port' is illegal, the value should be between %d and %d", + paramCheckRule.minPort, paramCheckRule.maxPort)); + return paramCheckResponse; } - if (portInt > ParamCheckRules.MAX_PORT || portInt < ParamCheckRules.MIN_PORT) { - throw new IllegalArgumentException( - String.format("Param 'port' is illegal, the value should be between %d and %d", - ParamCheckRules.MIN_PORT, ParamCheckRules.MAX_PORT)); + if (portInt > paramCheckRule.maxPort || portInt < paramCheckRule.minPort) { + paramCheckResponse.setSuccess(false); + paramCheckResponse.setMessage(String.format("Param 'port' is illegal, the value should be between %d and %d", + paramCheckRule.minPort, paramCheckRule.maxPort)); + return paramCheckResponse; } + paramCheckResponse.setSuccess(true); + return paramCheckResponse; } /** * Check metadata format. * * @param metadata the metadata + * @return the param check response */ - public void checkMetadataFormat(Map metadata) { + public ParamCheckResponse checkMetadataFormat(Map metadata) { + ParamCheckResponse paramCheckResponse = new ParamCheckResponse(); if (metadata == null || metadata.isEmpty()) { - return; + paramCheckResponse.setSuccess(true); + return paramCheckResponse; } int totalLength = 0; for (Map.Entry entry : metadata.entrySet()) { @@ -279,10 +404,13 @@ public class DefaultParamChecker extends AbstractParamChecker { totalLength = totalLength + entry.getValue().length(); } } - if (totalLength > ParamCheckRules.MAX_METADATA_LENGTH) { - throw new IllegalArgumentException( - String.format("Param 'Metadata' is illegal, the param length should not exceed %d.", - ParamCheckRules.MAX_METADATA_LENGTH)); + if (totalLength > paramCheckRule.maxMetadataLength) { + paramCheckResponse.setSuccess(false); + paramCheckResponse.setMessage(String.format("Param 'Metadata' is illegal, the param length should not exceed %d.", + paramCheckRule.maxMetadataLength)); + return paramCheckResponse; } + paramCheckResponse.setSuccess(true); + return paramCheckResponse; } } diff --git a/common/src/main/java/com/alibaba/nacos/common/paramcheck/ParamCheckResponse.java b/common/src/main/java/com/alibaba/nacos/common/paramcheck/ParamCheckResponse.java new file mode 100644 index 000000000..22f27f7dc --- /dev/null +++ b/common/src/main/java/com/alibaba/nacos/common/paramcheck/ParamCheckResponse.java @@ -0,0 +1,45 @@ +/* + * Copyright 1999-2023 Alibaba Group Holding Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.alibaba.nacos.common.paramcheck; + +/** + * The type Param check response. + * + * @author zhuoguang + */ +public class ParamCheckResponse { + + private boolean success; + + private String message; + + public boolean isSuccess() { + return success; + } + + public void setSuccess(boolean success) { + this.success = success; + } + + public String getMessage() { + return message; + } + + public void setMessage(String message) { + this.message = message; + } +} diff --git a/common/src/main/java/com/alibaba/nacos/common/paramcheck/ParamCheckRule.java b/common/src/main/java/com/alibaba/nacos/common/paramcheck/ParamCheckRule.java new file mode 100644 index 000000000..d698f1b7f --- /dev/null +++ b/common/src/main/java/com/alibaba/nacos/common/paramcheck/ParamCheckRule.java @@ -0,0 +1,61 @@ +/* + * Copyright 1999-2023 Alibaba Group Holding Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.alibaba.nacos.common.paramcheck; + +/** + * Param check rules. + * + * @author zhuoguang + */ +public class ParamCheckRule { + + public int maxNamespaceShowNameLength = 256; + + public String namespaceShowNamePatternString = "^[^@#$%^&*]+$"; + + public int maxNamespaceIdLength = 64; + + public String namespaceIdPatternString = "^[\\w-]+"; + + public int maxDataIdLength = 256; + + public String dataIdPatternString = "^[a-zA-Z0-9-_:\\.]*$"; + + public int maxServiceNameLength = 512; + + public String serviceNamePatternString = "^(?!@).((?!@@)[^\\u4E00-\\u9FA5\\s])*$"; + + public int maxGroupLength = 128; + + public String groupPatternString = "^[a-zA-Z0-9-_:\\.]*$"; + + public int maxClusterLength = 64; + + public String clusterPatternString = "^[0-9a-zA-Z-_]+$"; + + public int maxIpLength = 128; + + public String ipPatternString = "^[^\\u4E00-\\u9FA5\\s]*$"; + + public int maxPort = 65535; + + public int minPort = 0; + + public int maxMetadataLength = 1024; + + +} diff --git a/common/src/main/java/com/alibaba/nacos/common/paramcheck/ParamCheckRules.java b/common/src/main/java/com/alibaba/nacos/common/paramcheck/ParamCheckRules.java deleted file mode 100644 index d2b24c478..000000000 --- a/common/src/main/java/com/alibaba/nacos/common/paramcheck/ParamCheckRules.java +++ /dev/null @@ -1,61 +0,0 @@ -/* - * Copyright 1999-2023 Alibaba Group Holding Ltd. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package com.alibaba.nacos.common.paramcheck; - -/** - * Param check rules. - * - * @author zhuoguang - */ -public class ParamCheckRules { - - public static final int MAX_NAMESPACE_SHOW_NAME_LENGTH = 256; - - public static final String NAMESPACE_SHOW_NAME_PATTERN_STRING = "^[^@#$%^&*]+$"; - - public static final int MAX_NAMESPACE_ID_LENGTH = 64; - - public static final String NAMESPACE_ID_PATTERN_STRING = "^[\\w-]+"; - - public static final int MAX_DATA_ID_LENGTH = 256; - - public static final String DATA_ID_PATTERN_STRING = "^[a-zA-Z0-9-_:\\.]*$"; - - public static final int MAX_SERVICE_NAME_LENGTH = 512; - - public static final String SERVICE_NAME_PATTERN_STRING = "^(?!@).((?!@@)[^\\u4E00-\\u9FA5\\s])*$"; - - public static final int MAX_GROUP_LENGTH = 128; - - public static final String GROUP_PATTERN_STRING = "^[a-zA-Z0-9-_:\\.]*$"; - - public static final int MAX_CLUSTER_LENGTH = 64; - - public static final String CLUSTER_PATTERN_STRING = "^[0-9a-zA-Z-_]+$"; - - public static final int MAX_IP_LENGTH = 128; - - public static final String IP_PATTERN_STRING = "^[^\\u4E00-\\u9FA5\\s]*$"; - - public static final int MAX_PORT = 65535; - - public static final int MIN_PORT = 0; - - public static final int MAX_METADATA_LENGTH = 1024; - - -} diff --git a/config/src/main/java/com/alibaba/nacos/config/server/filter/ConfigParamCheckFilter.java b/config/src/main/java/com/alibaba/nacos/config/server/filter/ConfigParamCheckFilter.java index c9e20430f..2dad1c226 100644 --- a/config/src/main/java/com/alibaba/nacos/config/server/filter/ConfigParamCheckFilter.java +++ b/config/src/main/java/com/alibaba/nacos/config/server/filter/ConfigParamCheckFilter.java @@ -17,11 +17,13 @@ package com.alibaba.nacos.config.server.filter; import com.alibaba.nacos.common.paramcheck.AbstractParamChecker; +import com.alibaba.nacos.common.paramcheck.ParamCheckResponse; import com.alibaba.nacos.common.paramcheck.ParamCheckerManager; import com.alibaba.nacos.common.paramcheck.ParamInfo; import com.alibaba.nacos.core.paramcheck.AbstractHttpParamExtractor; import com.alibaba.nacos.core.paramcheck.HttpParamExtractorManager; import com.alibaba.nacos.core.paramcheck.ServerParamCheckConfig; +import com.alibaba.nacos.plugin.control.Loggers; import javax.servlet.Filter; import javax.servlet.FilterChain; @@ -31,7 +33,6 @@ import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; -import java.io.PrintWriter; import java.util.List; /** @@ -61,13 +62,33 @@ public class ConfigParamCheckFilter implements Filter { List paramInfoList = paramExtractor.extractParam(req); ParamCheckerManager paramCheckerManager = ParamCheckerManager.getInstance(); AbstractParamChecker paramChecker = paramCheckerManager.getParamChecker(ServerParamCheckConfig.getInstance().getActiveParamChecker()); - paramChecker.checkParamInfoList(paramInfoList); - chain.doFilter(req, resp); + ParamCheckResponse paramCheckResponse = paramChecker.checkParamInfoList(paramInfoList); + if (paramCheckResponse.isSuccess()) { + chain.doFilter(req, resp); + } else { + generate400Response(resp, paramCheckResponse.getMessage()); + } } catch (Exception e) { - resp.setStatus(400); - PrintWriter writer = resp.getWriter(); - writer.print(e.getMessage()); - writer.flush(); + generate400Response(resp, e.getMessage()); + } + + } + + /** + * Generate 400 response. + * + * @param response the response + * @param message the message + */ + public void generate400Response(HttpServletResponse response, String message) { + try { + response.setHeader("Pragma", "no-cache"); + response.setDateHeader("Expires", 0); + response.setHeader("Cache-Control", "no-cache,no-store"); + response.setStatus(HttpServletResponse.SC_BAD_REQUEST); + response.getOutputStream().println(message); + } catch (Exception ex) { + Loggers.CONTROL.error("Error to generate tps 400 response", ex); } } } diff --git a/console/src/main/java/com/alibaba/nacos/console/filter/ConsoleParamCheckFilter.java b/console/src/main/java/com/alibaba/nacos/console/filter/ConsoleParamCheckFilter.java index 20af5b414..a7e12a4a5 100644 --- a/console/src/main/java/com/alibaba/nacos/console/filter/ConsoleParamCheckFilter.java +++ b/console/src/main/java/com/alibaba/nacos/console/filter/ConsoleParamCheckFilter.java @@ -17,11 +17,13 @@ package com.alibaba.nacos.console.filter; import com.alibaba.nacos.common.paramcheck.AbstractParamChecker; +import com.alibaba.nacos.common.paramcheck.ParamCheckResponse; import com.alibaba.nacos.common.paramcheck.ParamCheckerManager; import com.alibaba.nacos.common.paramcheck.ParamInfo; import com.alibaba.nacos.core.paramcheck.AbstractHttpParamExtractor; import com.alibaba.nacos.core.paramcheck.HttpParamExtractorManager; import com.alibaba.nacos.core.paramcheck.ServerParamCheckConfig; +import com.alibaba.nacos.plugin.control.Loggers; import javax.servlet.Filter; import javax.servlet.FilterChain; @@ -31,7 +33,6 @@ import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; -import java.io.PrintWriter; import java.util.List; /** @@ -61,13 +62,32 @@ public class ConsoleParamCheckFilter implements Filter { List paramInfoList = paramExtractor.extractParam(req); ParamCheckerManager paramCheckerManager = ParamCheckerManager.getInstance(); AbstractParamChecker paramChecker = paramCheckerManager.getParamChecker(ServerParamCheckConfig.getInstance().getActiveParamChecker()); - paramChecker.checkParamInfoList(paramInfoList); - chain.doFilter(request, resp); + ParamCheckResponse paramCheckResponse = paramChecker.checkParamInfoList(paramInfoList); + if (paramCheckResponse.isSuccess()) { + chain.doFilter(request, resp); + } else { + generate400Response(resp, paramCheckResponse.getMessage()); + } } catch (Exception e) { - resp.setStatus(400); - PrintWriter writer = resp.getWriter(); - writer.print(e.getMessage()); - writer.flush(); + generate400Response(resp, e.getMessage()); + } + } + + /** + * Generate 400 response. + * + * @param response the response + * @param message the message + */ + public void generate400Response(HttpServletResponse response, String message) { + try { + response.setHeader("Pragma", "no-cache"); + response.setDateHeader("Expires", 0); + response.setHeader("Cache-Control", "no-cache,no-store"); + response.setStatus(HttpServletResponse.SC_BAD_REQUEST); + response.getOutputStream().println(message); + } catch (Exception ex) { + Loggers.CONTROL.error("Error to generate tps 400 response", ex); } } } diff --git a/core/src/main/java/com/alibaba/nacos/core/remote/grpc/GrpcServerParamCheckInterceptor.java b/core/src/main/java/com/alibaba/nacos/core/remote/grpc/GrpcServerParamCheckInterceptor.java index 5551085e3..a0d0f444a 100644 --- a/core/src/main/java/com/alibaba/nacos/core/remote/grpc/GrpcServerParamCheckInterceptor.java +++ b/core/src/main/java/com/alibaba/nacos/core/remote/grpc/GrpcServerParamCheckInterceptor.java @@ -19,6 +19,7 @@ package com.alibaba.nacos.core.remote.grpc; import com.alibaba.nacos.api.grpc.auto.Payload; import com.alibaba.nacos.api.remote.request.Request; import com.alibaba.nacos.common.paramcheck.AbstractParamChecker; +import com.alibaba.nacos.common.paramcheck.ParamCheckResponse; import com.alibaba.nacos.common.paramcheck.ParamCheckerManager; import com.alibaba.nacos.common.paramcheck.ParamInfo; import com.alibaba.nacos.common.remote.client.grpc.GrpcUtils; @@ -65,13 +66,15 @@ public class GrpcServerParamCheckInterceptor implements ServerInterceptor { ParamCheckerManager paramCheckerManager = ParamCheckerManager.getInstance(); AbstractParamChecker paramChecker = paramCheckerManager.getParamChecker( ServerParamCheckConfig.getInstance().getActiveParamChecker()); - paramChecker.checkParamInfoList(paramInfoList); + ParamCheckResponse paramCheckResponse = paramChecker.checkParamInfoList(paramInfoList); + if (!paramCheckResponse.isSuccess()) { + call.close(Status.INVALID_ARGUMENT.withDescription(paramCheckResponse.getMessage()), headers); + } } - super.onMessage(message); } catch (Exception e) { call.close(Status.INVALID_ARGUMENT.withDescription(e.getMessage()), headers); } - + super.onMessage(message); } }; } diff --git a/naming/src/main/java/com/alibaba/nacos/naming/web/NamingParamCheckFilter.java b/naming/src/main/java/com/alibaba/nacos/naming/web/NamingParamCheckFilter.java index 72f836501..57b6b5764 100644 --- a/naming/src/main/java/com/alibaba/nacos/naming/web/NamingParamCheckFilter.java +++ b/naming/src/main/java/com/alibaba/nacos/naming/web/NamingParamCheckFilter.java @@ -17,11 +17,13 @@ package com.alibaba.nacos.naming.web; import com.alibaba.nacos.common.paramcheck.AbstractParamChecker; +import com.alibaba.nacos.common.paramcheck.ParamCheckResponse; import com.alibaba.nacos.common.paramcheck.ParamCheckerManager; import com.alibaba.nacos.common.paramcheck.ParamInfo; import com.alibaba.nacos.core.paramcheck.AbstractHttpParamExtractor; import com.alibaba.nacos.core.paramcheck.HttpParamExtractorManager; import com.alibaba.nacos.core.paramcheck.ServerParamCheckConfig; +import com.alibaba.nacos.plugin.control.Loggers; import javax.servlet.Filter; import javax.servlet.FilterChain; @@ -31,7 +33,6 @@ import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; -import java.io.PrintWriter; import java.util.List; /** @@ -61,14 +62,33 @@ public class NamingParamCheckFilter implements Filter { List paramInfoList = paramExtractor.extractParam(request); ParamCheckerManager paramCheckerManager = ParamCheckerManager.getInstance(); AbstractParamChecker paramChecker = paramCheckerManager.getParamChecker(ServerParamCheckConfig.getInstance().getActiveParamChecker()); - paramChecker.checkParamInfoList(paramInfoList); - filterChain.doFilter(request, resp); + ParamCheckResponse paramCheckResponse = paramChecker.checkParamInfoList(paramInfoList); + if (paramCheckResponse.isSuccess()) { + filterChain.doFilter(request, resp); + } else { + generate400Response(resp, paramCheckResponse.getMessage()); + } } catch (Exception e) { - resp.setStatus(400); - PrintWriter writer = resp.getWriter(); - writer.print(e.getMessage()); - writer.flush(); + generate400Response(resp, e.getMessage()); } } + + /** + * Generate 400 response. + * + * @param response the response + * @param message the message + */ + public void generate400Response(HttpServletResponse response, String message) { + try { + response.setHeader("Pragma", "no-cache"); + response.setDateHeader("Expires", 0); + response.setHeader("Cache-Control", "no-cache,no-store"); + response.setStatus(HttpServletResponse.SC_BAD_REQUEST); + response.getOutputStream().println(message); + } catch (Exception ex) { + Loggers.CONTROL.error("Error to generate tps 400 response", ex); + } + } }