Start line:  
End line:  

Snippet Preview

Snippet HTML Code

Stack Overflow Questions
Creative commons Attribution-NonCommercial license. http://creativecommons.org/licenses/by-nc/2.5/au/deed.en_GB NO WARRANTY IS GIVEN OR IMPLIED, USE AT YOUR OWN RISK.
 
 package base.jee.servlet;
 
import static base.jee.Constants.MAX_IP_ADDRESS_LENGTH;
public abstract class BaseServlet extends HttpServlet {
	private static final long serialVersionUID = 1L;
	protected Settings settings;
	protected JeeBase jee;
	protected API api;
	public BaseServlet(JeeBase jeethrows IOException {
		this. = jee.getSettings();
		this. = jee;
		this. = jee.getAPI();
	}
	public final void doGet(HttpServletRequest requestHttpServletResponse responsethrows ServletExceptionIOException {
		response.setContentType("text/html; charset=UTF-8");
		response.setCharacterEncoding("UTF-8");
		String token = (String)request.getAttribute(.);
		if(token == null) {
			for (Cookie cookie : request.getCookies()) {
					token = cookie.getValue();
					break;
				}
			}
		}
		User u = .getAPI().getSession(tokengetIp(request)).get(0);
		String queryString = request.getQueryString();
		if (queryString == null) {
			.log("DEBUG""Accessing url: " + request.getRequestURI(), u);
else {
			.log("DEBUG""Accessing url: " + request.getRequestURI() + "?" + queryStringu);
		}
		doGet(tokenurequestresponse);
	}
	public abstract void doGet(String tokenUser uHttpServletRequest requestHttpServletResponse responsethrows ServletExceptionIOException;
	protected void doPost(HttpServletRequest requestHttpServletResponse responsethrows ServletExceptionIOException {
		doGet(requestresponse);
	}

Trust the forwarded header only if the connection comes over internal network.
	public static String getIp(HttpServletRequest requestthrows IOException {
		String ip = request.getRemoteAddr();
		if(ip.startsWith("10.") || ip.startsWith("172.") || ip.startsWith("192.168.") || ip.startsWith("127.") || ip.startsWith("0:0:0:0")) {
			if(request.getHeader("HTTP_X_FORWARDED_FOR") != null) {
				ip = request.getHeader("HTTP_X_FORWARDED_FOR");
			}
			if(request.getHeader("X-Forwarded-For") != null) {
				ip = request.getHeader("X-Forwarded-For");
			}
		}
		if(ip != null) {
			if(ip.length() >  * 5) {
				throw new IOException("Malformed client HTTP request header");
			}
			}
		}
		return ip;
	}
New to GrepCode? Check out our FAQ X