Hey, Here is a patch for adding some validation to the HTTP proxy field on the general config page (https://<hostname>/rhn/admin/config/GeneralConfig.do).
This validator will allow FQDN or FQDN:port only, while a simple hostname will not pass. IPv4 addresses will pass, but IPv6 won't. Feel free to propose changes, this can be done in many different ways. I just went for an easy approach that reuses some existing and tested code, but we can also use a regex if you prefer that. BTW: Does anybody know why all error messages on that particular page keep on appearing twice? Or it's not the case for you? I might look after this bug as well.. Thanks, Johannes -- SUSE LINUX Products GmbH, HRB 16746 (AG Nürnberg) GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer
>From 8ecd2908bb32bbce565503176b6fe937e851a2de Mon Sep 17 00:00:00 2001 From: Johannes Renner <jren...@suse.de> Date: Mon, 10 Sep 2012 11:31:13 +0200 Subject: [PATCH] Validate proxy format on general config page --- .../rhn/common/validator/HostPortValidator.java | 37 ++++++++++++++++++++ .../action/satellite/GeneralConfigAction.java | 14 ++++++-- .../frontend/strings/java/StringResource_en_US.xml | 8 ++++ 3 files changed, 56 insertions(+), 3 deletions(-) create mode 100644 java/code/src/com/redhat/rhn/common/validator/HostPortValidator.java diff --git a/java/code/src/com/redhat/rhn/common/validator/HostPortValidator.java b/java/code/src/com/redhat/rhn/common/validator/HostPortValidator.java new file mode 100644 index 0000000..a52449a --- /dev/null +++ b/java/code/src/com/redhat/rhn/common/validator/HostPortValidator.java @@ -0,0 +1,37 @@ +/** + * Copyright (c) 2012 Novell + * + * This software is licensed to you under the GNU General Public License, + * version 2 (GPLv2). There is NO WARRANTY for this software, express or + * implied, including the implied warranties of MERCHANTABILITY or FITNESS + * FOR A PARTICULAR PURPOSE. You should have received a copy of GPLv2 + * along with this software; if not, see + * http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt. + * + * Red Hat trademarks are not licensed under GPLv2. No permission is + * granted to use or replicate Red Hat trademarks that are incorporated + * in this software or its documentation. + */ +package com.redhat.rhn.common.validator; + +import org.apache.commons.validator.UrlValidator; + +/** + * Simple host[:port] validation reusing {@link UrlValidator} internals. + */ +public class HostPortValidator extends UrlValidator { + + // Singleton instance + private static HostPortValidator instance; + + public static HostPortValidator getInstance() { + if (instance == null) { + instance = new HostPortValidator(); + } + return instance; + } + + public boolean isValidHostPort(String hostPort) { + return isValidAuthority(hostPort); + } +} diff --git a/java/code/src/com/redhat/rhn/frontend/action/satellite/GeneralConfigAction.java b/java/code/src/com/redhat/rhn/frontend/action/satellite/GeneralConfigAction.java index 53cb5f2..2287b64 100644 --- a/java/code/src/com/redhat/rhn/frontend/action/satellite/GeneralConfigAction.java +++ b/java/code/src/com/redhat/rhn/frontend/action/satellite/GeneralConfigAction.java @@ -16,6 +16,7 @@ package com.redhat.rhn.frontend.action.satellite; import com.redhat.rhn.common.conf.Config; import com.redhat.rhn.common.conf.ConfigDefaults; +import com.redhat.rhn.common.validator.HostPortValidator; import com.redhat.rhn.common.validator.ValidatorError; import com.redhat.rhn.domain.user.User; import com.redhat.rhn.frontend.struts.RequestContext; @@ -213,7 +214,16 @@ public class GeneralConfigAction extends BaseConfigAction { */ private ActionErrors validateForm(DynaActionForm form) { ActionErrors errors = new ActionErrors(); - String email = (String) form.get(translateFormPropertyName("traceback_mail")); + + // Check if proxy is given as host:port + String proxy = (String) form.get( + translateFormPropertyName("server.satellite.http_proxy")); + HostPortValidator validator = HostPortValidator.getInstance(); + if (!(proxy.equals("") || validator.isValidHostPort(proxy))) { + errors.add(ActionMessages.GLOBAL_MESSAGE, + new ActionMessage("error.proxy_invalid")); + } + String password = (String) form.get( translateFormPropertyName("server.satellite.http_proxy_password")); String confirmationPassword = (String) form.get( @@ -234,6 +244,4 @@ public class GeneralConfigAction extends BaseConfigAction { return errors; } - } - diff --git a/java/code/src/com/redhat/rhn/frontend/strings/java/StringResource_en_US.xml b/java/code/src/com/redhat/rhn/frontend/strings/java/StringResource_en_US.xml index 86e3bd7..507e32d 100644 --- a/java/code/src/com/redhat/rhn/frontend/strings/java/StringResource_en_US.xml +++ b/java/code/src/com/redhat/rhn/frontend/strings/java/StringResource_en_US.xml @@ -1179,6 +1179,14 @@ http://www.oasis-open.org/committees/xliff/documents/xliff-core-1.1.xsd" <context context-type="sourcefile">com.redhat.rhn.frontend.action.monitoring.notification.AbstractFilterEditAction</context> </context-group> </trans-unit> + + <trans-unit id="error.proxy_invalid"> +<source>HTTP proxy needs to be specified as host:port.</source> + <context-group name="ctx"> + <context context-type="sourcefile">/rhn/admin/config/GeneralConfig</context> + </context-group> + </trans-unit> + <trans-unit id="/rhn/"> <source>That username is already taken; please choose another.</source> <context-group name="ctx"> -- 1.7.7
_______________________________________________ Spacewalk-devel mailing list Spacewalk-devel@redhat.com https://www.redhat.com/mailman/listinfo/spacewalk-devel