console/ajax/FileUpload.jsp

	FileUpload.jsp revision 422f9c44458dca571ce35115d5173ce5702a1560
509N/A<%--
509N/A   DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
1131N/A
509N/A   Copyright (c) 2008 Sun Microsystems Inc. All Rights Reserved
1466N/A
509N/A   The contents of this file are subject to the terms
509N/A   of the Common Development and Distribution License
919N/A   (the License). You may not use this file except in
919N/A   compliance with the License.
919N/A
919N/A   You can obtain a copy of the License at
919N/A   https://opensso.dev.java.net/public/CDDLv1.0.html or
919N/A   opensso/legal/CDDLv1.0.txt
919N/A   See the License for the specific language governing
919N/A   permission and limitations under the License.
919N/A
919N/A   When distributing Covered Code, include this CDDL
919N/A   Header Notice in each file and include the License file
919N/A   at opensso/legal/CDDLv1.0.txt.
919N/A   If applicable, add the following below the CDDL Header,
919N/A   with the fields enclosed by brackets [] replaced by
919N/A   your own identifying information:
919N/A   "Portions Copyrighted [year] [name of copyright owner]"
919N/A
509N/A   $Id: FileUpload.jsp,v 1.4 2009/08/07 23:39:08 asyhuang Exp $
509N/A
509N/A--%>
509N/A<%--
509N/A   Portions Copyrighted 2012-2015 ForgeRock AS.
509N/A   Portions Copyrighted 2012 Open Source Solution Technology Corporation
1131N/A--%>
509N/A
1466N/A<%@page import="com.iplanet.am.util.SystemProperties"%>
851N/A<%@page import="com.iplanet.sso.SSOException"%>
851N/A<%@page import="com.iplanet.sso.SSOToken"%>
851N/A<%@page import="com.iplanet.sso.SSOTokenManager"%>
851N/A<%@page import="com.sun.identity.shared.Constants"%>
<%@page import="java.io.*" %>
<%@page import="java.util.*" %>
<%@ page import="org.owasp.esapi.ESAPI" %>


<%
        request.setCharacterEncoding("UTF-8");
        response.setContentType("text/html; charset=UTF-8");
        Locale resLocale = request.getLocale();
        if (resLocale == null) {
            resLocale = Locale.US;
        }
        try {
            SSOTokenManager manager = SSOTokenManager.getInstance();
            SSOToken ssoToken = manager.createSSOToken(request);

            if (!manager.isValidToken(ssoToken)) {
                return;
            }
        } catch (SSOException ssoe) {
            String redirectUrl = request.getScheme() + "://" +
                    request.getServerName() + ":" +
                    request.getServerPort() +
                    request.getContextPath();
            response.sendRedirect(redirectUrl);
            return;
        }

        InputStream is = null;
        BufferedReader bos = null;

        try {
            boolean limitExceeded = false;
            StringBuilder sb = new StringBuilder();
            is = request.getInputStream();
            bos = new BufferedReader(new InputStreamReader(is));
            String line = bos.readLine();
            while (line != null) {
                sb.append(line).append("\n");
                line = bos.readLine();
                if (sb.length() > SystemProperties.getAsInt(Constants.MAX_FILE_UPLOAD_SIZE, 750 * 1024)) {
                    limitExceeded = true;
                    break;
                }
            }

            if (limitExceeded) {
                ResourceBundle rb = null;
                String RB_NAME = "workflowMessages";
                com.sun.identity.shared.debug.Debug debug =
                        com.sun.identity.shared.debug.Debug.getInstance("workflowMessages");
                rb = ResourceBundle.getBundle(RB_NAME, resLocale);
                String data = com.sun.identity.shared.locale.Locale.getString(
                        rb, "file.upload.size.limit.exceeded", debug);
                out.println("<div id=\"data\">" + "Error: " + ESAPI.encoder().encodeForHTML(data) + "</div>");
            } else {
                // Parses a content-type String for the boundary.
                String contentType = request.getContentType();
                if (contentType == null) {
                    contentType = request.getHeader("Content-Type");
                }
                String boundary = "";
                if (contentType != null && contentType.lastIndexOf("boundary=") != -1) {
                    boundary = contentType.substring(contentType.lastIndexOf("boundary=") + 9);
                    if (boundary.endsWith("\n")) {
                        boundary = boundary.substring(0, boundary.length()-1);
                    }
                }

                String data = sb.toString();
                int idx = data.indexOf("filename=\"");
                idx = data.indexOf("\n\n", idx);
                data = data.substring(idx + 2);
                idx = data.lastIndexOf("\n--" + boundary);
                data = data.substring(0, idx);
                data = data.replace("<", "&lt;");
                data = data.replace(">", "&gt;");
                out.println("<div id=\"data\">" + ESAPI.encoder().encodeForHTML(data) + "</div>");
            }
        } catch (IOException e) {
        } finally {
            try {
                if (bos != null) {
                    bos.close();
                }
            } catch (IOException e) {
                //ignore
            }
            try {
                if (is != null) {
                    is.close();
                }
            } catch (IOException e) {
                //ignore
            }
        }
%>