Class MultipartMalwareScanReader
java.lang.Object
de.xima.fc.api.rest.impl.common.reader.MultipartMalwareScanReader
- All Implemented Interfaces:
javax.ws.rs.ext.MessageBodyReader<org.jboss.resteasy.plugins.providers.multipart.MultipartInput>
@Provider
@Priority(5000)
@Consumes("multipart/*")
public class MultipartMalwareScanReader
extends Object
A reader for 'multipart/*' requests that checks uploads for invalid/illegal content. If such content is detected, the
request is rejected.
- Since:
- 8.4.0
- Author:
- XIMA MEDIA GmbH, Dresden
-
Field Summary
Fields -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionbooleanisReadable(Class<?> type, Type genericType, Annotation[] annotations, javax.ws.rs.core.MediaType mediaType) Checks if the given type is supported by this multipart reader implementation.protected org.jboss.resteasy.plugins.providers.multipart.MultipartInputprepareAndVerify(javax.ws.rs.core.MediaType mediaType, javax.servlet.http.HttpServletRequest servletRequest, Supplier<org.jboss.resteasy.plugins.providers.multipart.MultipartInputImpl> multipartInputFactory) Processes the multipart data and does the actual malware and content type checks.org.jboss.resteasy.plugins.providers.multipart.MultipartInputreadFrom(Class<org.jboss.resteasy.plugins.providers.multipart.MultipartInput> type, Type genericType, Annotation[] annotations, javax.ws.rs.core.MediaType mediaType, javax.ws.rs.core.MultivaluedMap<String, String> httpHeaders, InputStream entityStream) Reads the request and scans the content of the parts for malware.
-
Field Details
-
workers
@Context protected javax.ws.rs.ext.Providers workers
-
-
Constructor Details
-
MultipartMalwareScanReader
public MultipartMalwareScanReader()
-
-
Method Details
-
readFrom
public org.jboss.resteasy.plugins.providers.multipart.MultipartInput readFrom(Class<org.jboss.resteasy.plugins.providers.multipart.MultipartInput> type, Type genericType, Annotation[] annotations, javax.ws.rs.core.MediaType mediaType, javax.ws.rs.core.MultivaluedMap<String, String> httpHeaders, InputStream entityStream) throws IOException, javax.ws.rs.WebApplicationExceptionReads the request and scans the content of the parts for malware. If malware is detected, the request is rejected.- Parameters:
type- the type to readgenericType- the generic typeannotations- the annotationsmediaType- the media typehttpHeaders- the HTTP headersentityStream- the input stream- Returns:
- the parsed and verified
MultipartInput - Throws:
IOException- if an I/O error occursjavax.ws.rs.WebApplicationException- if a web application error occurs
-
isReadable
public boolean isReadable(Class<?> type, Type genericType, Annotation[] annotations, javax.ws.rs.core.MediaType mediaType) Checks if the given type is supported by this multipart reader implementation.- Specified by:
isReadablein interfacejavax.ws.rs.ext.MessageBodyReader<T extends org.jboss.resteasy.plugins.providers.multipart.MultipartInput>- Parameters:
type- the type to checkgenericType- the generic typeannotations- the annotationsmediaType- the media type- Returns:
- true if the type matches, false otherwise
-
prepareAndVerify
protected org.jboss.resteasy.plugins.providers.multipart.MultipartInput prepareAndVerify(javax.ws.rs.core.MediaType mediaType, javax.servlet.http.HttpServletRequest servletRequest, Supplier<org.jboss.resteasy.plugins.providers.multipart.MultipartInputImpl> multipartInputFactory) throws IOException, UnsafeUploadRequestException Processes the multipart data and does the actual malware and content type checks.- Parameters:
mediaType- the media typeservletRequest- resteasy context: the related requestmultipartInputFactory- supplier for creating the concreteMultipartInputinstance- Returns:
- a new instance of
T - Throws:
IOException- in case of an I/O errorjavax.ws.rs.WebApplicationException- in case of detected malware or a mismatching content typeUnsafeUploadRequestException
-