From bb4ccdad877ee6b4e596f0d6d169e2e571f17a1d Mon Sep 17 00:00:00 2001 From: kohsuke Date: Wed, 29 Apr 2009 04:46:14 +0000 Subject: [PATCH] Detect if the remote server is really Hudson. git-svn-id: https://hudson.dev.java.net/svn/hudson/trunk/hudson/main@17605 71c3de6d-444a-0410-be80-ed276b4c234a --- cli/src/main/java/hudson/cli/FullDuplexHttpStream.java | 6 +++--- core/src/main/java/hudson/model/Hudson.java | 1 + 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/cli/src/main/java/hudson/cli/FullDuplexHttpStream.java b/cli/src/main/java/hudson/cli/FullDuplexHttpStream.java index 3632766c1b..f7f73e69ae 100644 --- a/cli/src/main/java/hudson/cli/FullDuplexHttpStream.java +++ b/cli/src/main/java/hudson/cli/FullDuplexHttpStream.java @@ -1,8 +1,5 @@ package hudson.cli; -import hudson.cli.SequenceOutputStream.Block; - -import java.io.FilterOutputStream; import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; @@ -45,6 +42,9 @@ public class FullDuplexHttpStream { con.addRequestProperty("Side","download"); con.getOutputStream().close(); input = con.getInputStream(); + // make sure we hit the right URL + if(con.getHeaderField("Hudson-Duplex")==null) + throw new IOException(target+" doesn't look like Hudson"); // client->server uses chunked encoded POST for unlimited capacity. con = (HttpURLConnection) target.openConnection(); diff --git a/core/src/main/java/hudson/model/Hudson.java b/core/src/main/java/hudson/model/Hudson.java index 25ebc69dd0..7d0a1b551a 100644 --- a/core/src/main/java/hudson/model/Hudson.java +++ b/core/src/main/java/hudson/model/Hudson.java @@ -2712,6 +2712,7 @@ public final class Hudson extends Node implements ItemGroup, Stapl requirePOST(); UUID uuid = UUID.fromString(req.getHeader("Session")); + rsp.setHeader("Hudson-Duplex",""); // set the header so that the client would know final Authentication auth = getAuthentication(); FullDuplexHttpChannel server; -- GitLab