From 27068593d697305505764ca9fc7aa886d8d5ac83 Mon Sep 17 00:00:00 2001
From: B4S1C-Coder
Date: Tue, 16 Dec 2025 00:10:29 +0530
Subject: [PATCH] fix: allow health checks in security config and enterprise filter
---
 .../software/common/util/RequestUriUtils.java | 20 +++++++++++++-------
 .../filter/EnterpriseEndpointFilter.java | 14 ++++++++++++--
 2 files changed, 25 insertions(+), 9 deletions(-)
diff --git a/app/common/src/main/java/stirling/software/common/util/RequestUriUtils.java b/app/common/src/main/java/stirling/software/common/util/RequestUriUtils.java
index acad6f4a9..ed0a1722e 100644
--- a/app/common/src/main/java/stirling/software/common/util/RequestUriUtils.java
+++ b/app/common/src/main/java/stirling/software/common/util/RequestUriUtils.java
@@ -38,12 +38,12 @@ public class RequestUriUtils {
 }
 // Specific static files bundled with the frontend
- if (normalizedUri.equals("/robots.txt")
- || normalizedUri.equals("/favicon.ico")
- || normalizedUri.equals("/manifest.json")
- || normalizedUri.equals("/site.webmanifest")
- || normalizedUri.equals("/manifest-classic.json")
- || normalizedUri.equals("/index.html")) {
+ if ("/robots.txt".equals(normalizedUri)
+ || "/favicon.ico".equals(normalizedUri)
+ || "/manifest.json".equals(normalizedUri)
+ || "/site.webmanifest".equals(normalizedUri)
+ || "/manifest-classic.json".equals(normalizedUri)
+ || "/index.html".equals(normalizedUri)) {
 return true;
 }
@@ -168,7 +168,13 @@ public class RequestUriUtils {
 "/api/v1/ui-data/footer-info") // Public footer configuration
 || trimmedUri.startsWith("/api/v1/invite/validate")
 || trimmedUri.startsWith("/api/v1/invite/accept")
- || trimmedUri.startsWith("/v1/api-docs");
+ || trimmedUri.startsWith("/v1/api-docs")
+ // Health Endoints
+ || trimmedUri.startsWith("/actuator/health")
+ || trimmedUri.startsWith("/health")
+ || trimmedUri.startsWith("/healthz")
+ || trimmedUri.startsWith("/liveness")
+ || trimmedUri.startsWith("/readiness");
 }
 private static String stripContextPath(String contextPath, String requestURI) {
diff --git a/app/proprietary/src/main/java/stirling/software/proprietary/security/filter/EnterpriseEndpointFilter.java b/app/proprietary/src/main/java/stirling/software/proprietary/security/filter/EnterpriseEndpointFilter.java
index 5ee61f8ff..22c56aecd 100644
--- a/app/proprietary/src/main/java/stirling/software/proprietary/security/filter/EnterpriseEndpointFilter.java
+++ b/app/proprietary/src/main/java/stirling/software/proprietary/security/filter/EnterpriseEndpointFilter.java
@@ -26,8 +26,18 @@ public class EnterpriseEndpointFilter extends OncePerRequestFilter {
 throws ServletException, IOException {
 if (!runningProOrHigher && isPrometheusEndpointRequest(request)) {
- response.setStatus(HttpStatus.NOT_FOUND.value());
- return;
+ // Allow only health checks to pass through for non-pro users
+ String uri = request.getRequestURI();
+ boolean isHealthCheck =
+ uri.contains("/actuator/health")
+ || uri.contains("/healthz")
+ || uri.contains("/liveness")
+ || uri.contains("/readiness");
+
+ if (!isHealthCheck) {
+ response.setStatus(HttpStatus.NOT_FOUND.value());
+ return;
+ }
 }
 filterChain.doFilter(request, response);
 }
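Review bot: The health entries added to RequestUriUtils match by bare prefix, so `trimmedUri.startsWith("/health")` already subsumes `/healthz` and also accepts any other route whose path merely begins with `/health`, and `startsWith("/actuator/health")` likewise accepts longer names that only share that prefix. If this expression is the unauthenticated allowlist, as the neighbouring invite and api-docs entries suggest, each entry should be an exact path or a segment prefix, for example `trimmedUri.equals("/actuator/health") || trimmedUri.startsWith("/actuator/health/")`. Opening the actuator health endpoint to anonymous callers also opens its response body, so `management.endpoint.health.show-details` should stay at `never` or `when-authorized`. The comment `// Health Endoints` is misspelled and should read `// Health endpoints`. The enclosing method starts above the hunk, so its exact role is inferred from the visible entries.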
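Review bot: In EnterpriseEndpointFilter the health exemption tests `uri.contains(...)` against `request.getRequestURI()`, which is the raw, undecoded URI including the context path and any `;` path parameters, so the non-pro gate is lifted whenever one of the four strings appears anywhere in a request that `isPrometheusEndpointRequest` accepts. Match the path itself instead, for example `String path = uri.substring(request.getContextPath().length());` followed by `boolean isHealthCheck = path.equals("/actuator/health") || path.startsWith("/actuator/health/");`, extended the same way for the other probes. The list here also differs from the one added to RequestUriUtils (there is no `/health` entry), so one shared predicate used by both places would keep the two from drifting apart. `isPrometheusEndpointRequest` and the start of the method lie outside the hunk, so what else the gate covers is not visible here.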