safebox/guacamole-client
4
0
Fork 0
mirror of https://github.com/gyurix1968/guacamole-client.git synced 2025-09-06 13:17:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

GUACAMOLE-504: Don't reveal internals in sendError method.

Browse Source
This commit is contained in:
Nick Couchman
2018-02-08 22:53:14 -05:00
parent 5aaea07b5e
commit 0dc5306fe1
1 changed files with 25 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
guacamole-common/src/main/java/org/apache/guacamole/servlet/GuacamoleHTTPTunnelServlet.java
View File

@@ -149,23 +149,30 @@ public abstract class GuacamoleHTTPTunnelServlet extends HttpServlet {
* @param response * @param response
* The HTTP response to use to send the error. * The HTTP response to use to send the error.
* *
* @param guacamoleException * @param guacamoleStatusCode
* The exception that caused this error. * The GuacamoleStatus code to send.
*
* @param guacamoleHttpCode
* The numeric HTTP code to send.
*
* @param message
* The human-readable error message to send.
* *
* @throws ServletException * @throws ServletException
* If an error prevents sending of the error code. * If an error prevents sending of the error code.
*/ */
protected void sendError(HttpServletResponse response, protected void sendError(HttpServletResponse response, int guacamoleStatusCode,
GuacamoleException guacamoleException) int guacamoleHttpCode, String message)
throws ServletException { throws ServletException {
try { try {
// If response not committed, send error code and message // If response not committed, send error code and message
if (!response.isCommitted()) { if (!response.isCommitted()) {
response.addHeader("Guacamole-Status-Code", Integer.toString(guacamoleException.getStatus().getGuacamoleStatusCode())); response.addHeader("Guacamole-Status-Code", Integer.toString(guacamoleStatusCode));
response.addHeader("Guacamole-Error-Message", guacamoleException.getMessage()); response.addHeader("Guacamole-Error-Message", message);
response.sendError(guacamoleException.getHttpStatusCode()); response.sendError(guacamoleHttpCode);
} }
} }
@@ -253,14 +260,18 @@ public abstract class GuacamoleHTTPTunnelServlet extends HttpServlet {
// Catch any thrown guacamole exception and attempt to pass within the // Catch any thrown guacamole exception and attempt to pass within the
// HTTP response, logging each error appropriately. // HTTP response, logging each error appropriately.
catch (GuacamoleClientException e) {
logger.warn("HTTP tunnel request rejected: {}", e.getMessage());
sendError(response, e);
}
catch (GuacamoleException e) { catch (GuacamoleException e) {
logger.error("HTTP tunnel request failed: {}", e.getMessage()); if (e instanceof GuacamoleClientException) {
logger.debug("Internal error in HTTP tunnel.", e); logger.warn("HTTP tunnel request rejected: {}", e.getMessage());
sendError(response, e); sendError(response, e.getStatus().getGuacamoleStatusCode(),
e.getStatus().getHttpStatusCode(), e.getMessage());
}
else {
logger.error("HTTP tunnel request failed: {}", e.getMessage());
logger.debug("Internal error in HTTP tunnel.", e);
sendError(response, e.getStatus().getGuacamoleStatusCode(),
e.getStatus().getHttpStatusCode(), "Internal server error.");
}
} }
} }