From cce97dbe46bdd8b14699dc25c002b1de6a3c8f8f Mon Sep 17 00:00:00 2001
From: B4S1C-Coder
Date: Tue, 16 Dec 2025 09:39:31 +0530
Subject: [PATCH] fix: use stricter URL matching in enterprise filter
---
 .../filter/EnterpriseEndpointFilter.java | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)
diff --git a/app/proprietary/src/main/java/stirling/software/proprietary/security/filter/EnterpriseEndpointFilter.java b/app/proprietary/src/main/java/stirling/software/proprietary/security/filter/EnterpriseEndpointFilter.java
index 22c56aecd..a0165a28c 100644
--- a/app/proprietary/src/main/java/stirling/software/proprietary/security/filter/EnterpriseEndpointFilter.java
+++ b/app/proprietary/src/main/java/stirling/software/proprietary/security/filter/EnterpriseEndpointFilter.java
@@ -28,11 +28,19 @@ public class EnterpriseEndpointFilter extends OncePerRequestFilter {
 if (!runningProOrHigher && isPrometheusEndpointRequest(request)) {
 // Allow only health checks to pass through for non-pro users
 String uri = request.getRequestURI();
+
+ // Strip the context path
+ String contextPath = request.getContextPath();
+ String trimmedUri =
+ (contextPath != null && uri.startsWith(contextPath))
+ ? uri.substring(contextPath.length())
+ : uri;
+
 boolean isHealthCheck =
- uri.contains("/actuator/health")
- || uri.contains("/healthz")
- || uri.contains("/liveness")
- || uri.contains("/readiness");
+ trimmedUri.startsWith("/actuator/health")
+ || "/healthz".equals(trimmedUri)
+ || "/liveness".equals(trimmedUri)
+ || "/readiness".equals(trimmedUri);
 
 if (!isHealthCheck) {
 response.setStatus(HttpStatus.NOT_FOUND.value());
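Review bot: The `trimmedUri.startsWith("/actuator/health")` test is still a bare prefix match, so any path that merely begins with that string is treated as a health check, while the other three entries are now exact. Anchoring it on a segment boundary keeps the health sub-paths and rejects everything else: `"/actuator/health".equals(trimmedUri) || trimmedUri.startsWith("/actuator/health/")`. `getRequestURI()` also returns the path undecoded and unnormalised (path parameters and dot segments included), so it is worth confirming that this filter runs behind the request firewall, or matching on a normalised path instead. The enclosing method and the `if (!isHealthCheck)` block continue outside the hunk.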