Class MultipartMalwareScanReader
- java.lang.Object
-
- de.xima.fc.api.rest.impl.common.reader.MultipartMalwareScanReader
-
- All Implemented Interfaces:
javax.ws.rs.ext.MessageBodyReader<org.jboss.resteasy.plugins.providers.multipart.MultipartInput>
@Provider @Priority(5000) @Consumes("multipart/*") public class MultipartMalwareScanReader extends ObjectA reader for 'multipart/*' requests that checks uploads for invalid/illegal content. If such content is detected, the request is rejected.- Since:
- 8.4.0
- Author:
- XIMA MEDIA GmbH, Dresden
-
-
Field Summary
Fields Modifier and Type Field Description protected javax.ws.rs.ext.Providersworkers
-
Constructor Summary
Constructors Constructor Description MultipartMalwareScanReader()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description booleanisReadable(Class<?> type, Type genericType, Annotation[] annotations, javax.ws.rs.core.MediaType mediaType)Checks if the given type is supported by this multipart reader implementation.protected TprepareAndVerify(javax.ws.rs.core.MediaType mediaType, javax.servlet.http.HttpServletRequest servletRequest, Supplier<org.jboss.resteasy.plugins.providers.multipart.MultipartInputImpl> multipartInputFactory)Processes the multipart data and does the actual malware and content type checks.org.jboss.resteasy.plugins.providers.multipart.MultipartInputreadFrom(Class<org.jboss.resteasy.plugins.providers.multipart.MultipartInput> type, Type genericType, Annotation[] annotations, javax.ws.rs.core.MediaType mediaType, javax.ws.rs.core.MultivaluedMap<String,String> httpHeaders, InputStream entityStream)Reads the request and scans the content of the parts for malware.
-
-
-
Method Detail
-
readFrom
public org.jboss.resteasy.plugins.providers.multipart.MultipartInput readFrom(Class<org.jboss.resteasy.plugins.providers.multipart.MultipartInput> type, Type genericType, Annotation[] annotations, javax.ws.rs.core.MediaType mediaType, javax.ws.rs.core.MultivaluedMap<String,String> httpHeaders, InputStream entityStream) throws IOException, javax.ws.rs.WebApplicationException
Reads the request and scans the content of the parts for malware. If malware is detected, the request is rejected.- Parameters:
type- the type to readgenericType- the generic typeannotations- the annotationsmediaType- the media typehttpHeaders- the HTTP headersentityStream- the input stream- Returns:
- the parsed and verified
MultipartInput - Throws:
IOException- if an I/O error occursjavax.ws.rs.WebApplicationException- if a web application error occurs
-
isReadable
public boolean isReadable(Class<?> type, Type genericType, Annotation[] annotations, javax.ws.rs.core.MediaType mediaType)
Checks if the given type is supported by this multipart reader implementation.- Specified by:
isReadablein interfacejavax.ws.rs.ext.MessageBodyReader<T extends org.jboss.resteasy.plugins.providers.multipart.MultipartInput>- Parameters:
type- the type to checkgenericType- the generic typeannotations- the annotationsmediaType- the media type- Returns:
- true if the type matches, false otherwise
-
prepareAndVerify
protected T prepareAndVerify(javax.ws.rs.core.MediaType mediaType, javax.servlet.http.HttpServletRequest servletRequest, Supplier<org.jboss.resteasy.plugins.providers.multipart.MultipartInputImpl> multipartInputFactory) throws IOException, UnsafeUploadRequestExceptionProcesses the multipart data and does the actual malware and content type checks.- Parameters:
mediaType- the media typeservletRequest- resteasy context: the related requestmultipartInputFactory- supplier for creating the concreteMultipartInputinstance- Returns:
- a new instance of
T - Throws:
IOException- in case of an I/O errorjavax.ws.rs.WebApplicationException- in case of detected malware or a mismatching content typeUnsafeUploadRequestException
-
-