nonehat commented on issue #2591:
URL:
https://github.com/apache/servicecomb-java-chassis/issues/2591#issuecomment-924520032
String uri = io.vertx.core.http.HttpServerRequest.path() ;
然后依赖uri做访问控制,比如针对特定的uri需要检查是否为admin访问:
if (uri.equals("/api/v2/admin/only")) {
// 检查请求的cookie对应是否为admin
// 若是,则放行;否则,拒绝。
}
这种case,将请求uri修改为 /api/v2/admin/////////only
就可以bypass这个检查,同时可以正常dispatch到handler。
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
