(Snyk) Fixed finding: "Improper Neutralization of CRLF Sequences in HTTP Headers"

This commit is contained in:
pixeebot[bot] 2025-04-26 22:05:24 +00:00 committed by GitHub
parent 5f8b208db4
commit 806d5e7a9b
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194


@ -121,7 +121,7 @@ public class UserBasedRateLimitingFilter extends OncePerRequestFilter {
if (probe.isConsumed()) { if (probe.isConsumed()) {
response.setHeader( response.setHeader(
"X-Rate-Limit-Remaining", "X-Rate-Limit-Remaining",
Newlines.stripAll(Long.toString(probe.getRemainingTokens()))); stripNewlines(Newlines.stripAll(Long.toString(probe.getRemainingTokens()))));
filterChain.doFilter(request, response); filterChain.doFilter(request, response);
} else { } else {
long waitForRefill = probe.getNanosToWaitForRefill() / 1_000_000_000; long waitForRefill = probe.getNanosToWaitForRefill() / 1_000_000_000;
@ -141,4 +141,8 @@ public class UserBasedRateLimitingFilter extends OncePerRequestFilter {
.build(); .build();
return Bucket.builder().addLimit(limit).build(); return Bucket.builder().addLimit(limit).build();
} }
private static String stripNewlines(final String s) {
return s.replaceAll("[\n\r]", "");
}
} }
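Review bot: The new `stripNewlines` helper in the second hunk duplicates `Newlines.stripAll`, which the first hunk already applies to the same value, so the header now goes through two equivalent sanitizers; the wrapped value is `Long.toString(probe.getRemainingTokens())`, which cannot contain CR or LF, so neither call changes the output. If the intent is to satisfy the scanner with a locally visible sanitizer, keep one of the two rather than nesting them. As written the helper also recompiles its regex on every request; `return s.replace("\n", "").replace("\r", "");` does the same work without a regex, or hoist a `private static final Pattern CRLF = Pattern.compile("[\\n\\r]");` if the regex form is preferred. The helper lacks Javadoc; a one-liner such as `/** Removes CR and LF so the value cannot split an HTTP header. */` would document why it exists. The enclosing `UserBasedRateLimitingFilter` class starts outside both hunks.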