Struts 1.2 Servlet Filter and web.xml filtering url-pattern

https://stackoverflow.com/questions/17998518

xss
servlet-filters
url-pattern

04-06-2022
|

Question

I have a URL in the following form...

 htts://www.mysite/admin/userprofile.do

Using a servlet filter I want to prevent certain things in part of the URL. Using the following in web.xml...

<filter-mapping>
    <filter-name>myFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

With an appropriate servlet-filter how could I change url-pattern to only manage the /admin/ portion of the URL (this is an old app that for whatever reason allows an XSS injection only in that portion). Is this possible?

Solution

<url-pattern>/admin/*</url-pattern>

OTHER TIPS

You can achieve this like below :

    <filter-mapping>
      <filter-name>myFilter</filter-name>
      <url-pattern>/admin/*</url-pattern>
    </filter-mapping>

Licensed under: CC-BY-SA with attribution

Not affiliated with StackOverflow