瀏覽代碼

dashboard: Improve param validation in MachineRegistryController

Signed-off-by: Eric Zhao <sczyh16@gmail.com>
master
Eric Zhao 3 年之前
父節點
當前提交
744be07a57
共有 1 個文件被更改,包括 17 次插入10 次删除
  1. +17
    -10
      sentinel-dashboard/src/main/java/com/alibaba/csp/sentinel/dashboard/controller/MachineRegistryController.java

+ 17
- 10
sentinel-dashboard/src/main/java/com/alibaba/csp/sentinel/dashboard/controller/MachineRegistryController.java 查看文件

@@ -18,9 +18,9 @@ package com.alibaba.csp.sentinel.dashboard.controller;
import com.alibaba.csp.sentinel.dashboard.discovery.AppManagement;
import com.alibaba.csp.sentinel.util.StringUtil;

import com.alibaba.csp.sentinel.dashboard.discovery.MachineDiscovery;
import com.alibaba.csp.sentinel.dashboard.discovery.MachineInfo;
import com.alibaba.csp.sentinel.dashboard.domain.Result;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
@@ -41,21 +41,28 @@ public class MachineRegistryController {

@ResponseBody
@RequestMapping("/machine")
public Result<?> receiveHeartBeat(String app, @RequestParam(value = "app_type", required = false, defaultValue = "0") Integer appType, Long version, String v, String hostname, String ip, Integer port) {
if (app == null) {
app = MachineDiscovery.UNKNOWN_APP_NAME;
public Result<?> receiveHeartBeat(String app,
@RequestParam(value = "app_type", required = false, defaultValue = "0")
Integer appType, Long version, String v, String hostname, String ip,
Integer port) {
if (StringUtil.isBlank(app) || app.length() > 256) {
return Result.ofFail(-1, "invalid appName");
}
if (StringUtil.isBlank(ip) || ip.length() > 128) {
return Result.ofFail(-1, "invalid ip: " + ip);
}
if (ip == null) {
return Result.ofFail(-1, "ip can't be null");
if (port == null || port < -1) {
return Result.ofFail(-1, "invalid port");
}
if (port == null) {
return Result.ofFail(-1, "port can't be null");
if (hostname != null && hostname.length() > 256) {
return Result.ofFail(-1, "hostname too long");
}
if (port == -1) {
logger.info("Receive heartbeat from " + ip + " but port not set yet");
logger.warn("Receive heartbeat from " + ip + " but port not set yet");
return Result.ofFail(-1, "your port not set yet");
}
String sentinelVersion = StringUtil.isEmpty(v) ? "unknown" : v;
String sentinelVersion = StringUtil.isBlank(v) ? "unknown" : v;

version = version == null ? System.currentTimeMillis() : version;
try {
MachineInfo machineInfo = new MachineInfo();


Loading…
取消
儲存