mirror of
https://gitee.com/kekingcn/file-online-preview.git
synced 2025-08-20 00:44:35 +08:00
Add SSL ignore for restTemplate.
This commit is contained in:
devbean
parent
cc63659650
commit
5ff1b4c9bd
@ -6,9 +6,6 @@ import cn.keking.model.ReturnResponse;
|
||||
import com.fasterxml.jackson.databind.ObjectMapper;
|
||||
import io.mola.galimatias.GalimatiasParseException;
|
||||
import org.apache.commons.io.FileUtils;
|
||||
import org.apache.http.client.HttpClient;
|
||||
import org.apache.http.impl.client.DefaultRedirectStrategy;
|
||||
import org.apache.http.impl.client.HttpClientBuilder;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.http.HttpMethod;
|
||||
@ -22,6 +19,9 @@ import java.io.File;
|
||||
import java.io.FileNotFoundException;
|
||||
import java.io.IOException;
|
||||
import java.net.URL;
|
||||
import java.security.KeyManagementException;
|
||||
import java.security.KeyStoreException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.util.Arrays;
|
||||
import java.util.Map;
|
||||
import java.util.UUID;
|
||||
@ -93,8 +93,7 @@ public class DownloadUtils {
|
||||
factory.setConnectionRequestTimeout(2000); //设置超时时间
|
||||
factory.setConnectTimeout(10000);
|
||||
factory.setReadTimeout(72000);
|
||||
HttpClient httpClient = HttpClientBuilder.create().setRedirectStrategy(new DefaultRedirectStrategy()).build();
|
||||
factory.setHttpClient(httpClient); //加入重定向方法
|
||||
factory.setHttpClient(SslUtils.getIgnoreSslHttpClient()); //加入重定向方法
|
||||
restTemplate.setRequestFactory(factory);
|
||||
RequestCallback requestCallback = request -> {
|
||||
request.getHeaders().setAccept(Arrays.asList(MediaType.APPLICATION_OCTET_STREAM, MediaType.ALL));
|
||||
@ -128,7 +127,11 @@ public class DownloadUtils {
|
||||
response.setContent(realPath);
|
||||
response.setMsg(fileName);
|
||||
return response;
|
||||
} catch (IOException | GalimatiasParseException e) {
|
||||
} catch (IOException
|
||||
| GalimatiasParseException
|
||||
| NoSuchAlgorithmException
|
||||
| KeyStoreException
|
||||
| KeyManagementException e) {
|
||||
logger.error("文件下载失败,url:{}", urlStr);
|
||||
response.setCode(1);
|
||||
response.setContent(null);
|
||||
|
||||
@ -1,6 +1,16 @@
|
||||
package cn.keking.utils;
|
||||
|
||||
import org.apache.http.conn.ssl.NoopHostnameVerifier;
|
||||
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
|
||||
import org.apache.http.impl.client.CloseableHttpClient;
|
||||
import org.apache.http.impl.client.DefaultRedirectStrategy;
|
||||
import org.apache.http.impl.client.HttpClients;
|
||||
import org.apache.http.ssl.SSLContextBuilder;
|
||||
|
||||
import javax.net.ssl.*;
|
||||
import java.security.KeyManagementException;
|
||||
import java.security.KeyStoreException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.cert.CertificateException;
|
||||
import java.security.cert.X509Certificate;
|
||||
|
||||
@ -39,4 +49,15 @@ public class SslUtils {
|
||||
HttpsURLConnection.setDefaultHostnameVerifier(hv);
|
||||
}
|
||||
|
||||
public static CloseableHttpClient getIgnoreSslHttpClient() throws NoSuchAlgorithmException, KeyStoreException, KeyManagementException {
|
||||
SSLContext sslContext = SSLContextBuilder.create()
|
||||
.loadTrustMaterial((chain, authType) -> true)
|
||||
.build();
|
||||
SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(sslContext, NoopHostnameVerifier.INSTANCE);
|
||||
return HttpClients.custom()
|
||||
.setSSLSocketFactory(socketFactory)
|
||||
.setRedirectStrategy(new DefaultRedirectStrategy())
|
||||
.build();
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -7,13 +7,11 @@ import cn.keking.service.FilePreviewFactory;
|
||||
import cn.keking.service.cache.CacheService;
|
||||
import cn.keking.service.impl.OtherFilePreviewImpl;
|
||||
import cn.keking.utils.KkFileUtils;
|
||||
import cn.keking.utils.SslUtils;
|
||||
import cn.keking.utils.WebUtils;
|
||||
import com.fasterxml.jackson.databind.ObjectMapper;
|
||||
import fr.opensagres.xdocreport.core.io.IOUtils;
|
||||
import org.apache.commons.codec.binary.Base64;
|
||||
import org.apache.http.client.HttpClient;
|
||||
import org.apache.http.impl.client.DefaultRedirectStrategy;
|
||||
import org.apache.http.impl.client.HttpClientBuilder;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.http.HttpMethod;
|
||||
@ -33,6 +31,9 @@ import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.net.URL;
|
||||
import java.security.KeyManagementException;
|
||||
import java.security.KeyStoreException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
@ -53,7 +54,7 @@ public class OnlinePreviewController {
|
||||
private final FileHandlerService fileHandlerService;
|
||||
private final OtherFilePreviewImpl otherFilePreview;
|
||||
private static final RestTemplate restTemplate = new RestTemplate();
|
||||
private static final HttpComponentsClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactory();
|
||||
private static final HttpComponentsClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactory();
|
||||
private static final ObjectMapper mapper = new ObjectMapper();
|
||||
|
||||
public OnlinePreviewController(FilePreviewFactory filePreviewFactory, FileHandlerService fileHandlerService, CacheService cacheService, OtherFilePreviewImpl otherFilePreview) {
|
||||
@ -63,7 +64,7 @@ public class OnlinePreviewController {
|
||||
this.otherFilePreview = otherFilePreview;
|
||||
}
|
||||
|
||||
@GetMapping( "/onlinePreview")
|
||||
@GetMapping("/onlinePreview")
|
||||
public String onlinePreview(String url, Model model, HttpServletRequest req) {
|
||||
|
||||
String fileUrl;
|
||||
@ -77,14 +78,14 @@ public class OnlinePreviewController {
|
||||
model.addAttribute("file", fileAttribute);
|
||||
FilePreview filePreview = previewFactory.get(fileAttribute);
|
||||
logger.info("预览文件url:{},previewType:{}", fileUrl, fileAttribute.getType());
|
||||
fileUrl =WebUtils.urlEncoderencode(fileUrl);
|
||||
fileUrl = WebUtils.urlEncoderencode(fileUrl);
|
||||
if (ObjectUtils.isEmpty(fileUrl)) {
|
||||
return otherFilePreview.notSupportedFile(model, "非法路径,不允许访问");
|
||||
}
|
||||
return filePreview.filePreviewHandle(fileUrl, model, fileAttribute); //统一在这里处理 url
|
||||
}
|
||||
|
||||
@GetMapping( "/picturesPreview")
|
||||
@GetMapping("/picturesPreview")
|
||||
public String picturesPreview(String urls, Model model, HttpServletRequest req) {
|
||||
String fileUrls;
|
||||
try {
|
||||
@ -103,7 +104,7 @@ public class OnlinePreviewController {
|
||||
String currentUrl = req.getParameter("currentUrl");
|
||||
if (StringUtils.hasText(currentUrl)) {
|
||||
String decodedCurrentUrl = new String(Base64.decodeBase64(currentUrl));
|
||||
decodedCurrentUrl = KkFileUtils.htmlEscape(decodedCurrentUrl); // 防止XSS攻击
|
||||
decodedCurrentUrl = KkFileUtils.htmlEscape(decodedCurrentUrl); // 防止XSS攻击
|
||||
model.addAttribute("currentUrl", decodedCurrentUrl);
|
||||
} else {
|
||||
model.addAttribute("currentUrl", imgUrls.get(0));
|
||||
@ -119,13 +120,13 @@ public class OnlinePreviewController {
|
||||
* @param response response
|
||||
*/
|
||||
@GetMapping("/getCorsFile")
|
||||
public void getCorsFile(String urlPath, HttpServletResponse response,FileAttribute fileAttribute) throws IOException {
|
||||
public void getCorsFile(String urlPath, HttpServletResponse response, FileAttribute fileAttribute) throws IOException, NoSuchAlgorithmException, KeyStoreException, KeyManagementException {
|
||||
URL url;
|
||||
try {
|
||||
urlPath = WebUtils.decodeUrl(urlPath);
|
||||
url = WebUtils.normalizedURL(urlPath);
|
||||
} catch (Exception ex) {
|
||||
logger.error(String.format(BASE64_DECODE_ERROR_MSG, urlPath),ex);
|
||||
logger.error(String.format(BASE64_DECODE_ERROR_MSG, urlPath), ex);
|
||||
return;
|
||||
}
|
||||
assert urlPath != null;
|
||||
@ -139,14 +140,13 @@ public class OnlinePreviewController {
|
||||
factory.setConnectionRequestTimeout(2000);
|
||||
factory.setConnectTimeout(10000);
|
||||
factory.setReadTimeout(72000);
|
||||
HttpClient httpClient = HttpClientBuilder.create().setRedirectStrategy(new DefaultRedirectStrategy()).build();
|
||||
factory.setHttpClient(httpClient);
|
||||
factory.setHttpClient(SslUtils.getIgnoreSslHttpClient());
|
||||
restTemplate.setRequestFactory(factory);
|
||||
RequestCallback requestCallback = request -> {
|
||||
request.getHeaders().setAccept(Arrays.asList(MediaType.APPLICATION_OCTET_STREAM, MediaType.ALL));
|
||||
String proxyAuthorization = fileAttribute.getKkProxyAuthorization();
|
||||
if(StringUtils.hasText(proxyAuthorization)){
|
||||
Map<String,String> proxyAuthorizationMap = mapper.readValue(proxyAuthorization, Map.class);
|
||||
if (StringUtils.hasText(proxyAuthorization)) {
|
||||
Map<String, String> proxyAuthorizationMap = mapper.readValue(proxyAuthorization, Map.class);
|
||||
proxyAuthorizationMap.forEach((key, value) -> request.getHeaders().set(key, value));
|
||||
}
|
||||
};
|
||||
@ -155,12 +155,12 @@ public class OnlinePreviewController {
|
||||
IOUtils.copy(fileResponse.getBody(), response.getOutputStream());
|
||||
return null;
|
||||
});
|
||||
} catch (Exception e) {
|
||||
} catch (Exception e) {
|
||||
System.out.println(e);
|
||||
}
|
||||
}else{
|
||||
} else {
|
||||
try {
|
||||
if(urlPath.contains(".svg")) {
|
||||
if (urlPath.contains(".svg")) {
|
||||
response.setContentType("image/svg+xml");
|
||||
}
|
||||
inputStream = (url).openStream();
|
||||
|
||||
Loading…
Reference in New Issue
Block a user