Class AllowListUrlChecker


  • public class AllowListUrlChecker
    extends Object
    Validates URLs based on an allow list or a ClusterState in SolrCloud.
    • Constructor Detail

      • AllowListUrlChecker

        public AllowListUrlChecker​(List<String> urlAllowList)
                            throws MalformedURLException
        Parameters:
        urlAllowList - List of allowed URLs. URLs must be well-formed, missing protocol is tolerated. An empty list means there is no explicit allow-list of URLs, in this case no URL is allowed unless a ClusterState is provided in checkAllowList(List, ClusterState).
        Throws:
        MalformedURLException - If an URL is invalid.
    • Method Detail

      • checkAllowList

        public void checkAllowList​(List<String> urls,
                                   org.apache.solr.common.cloud.ClusterState clusterState)
                            throws MalformedURLException
        Checks that the given URLs are present in the configured allow-list or in the provided ClusterState (in case of cloud mode).
        Parameters:
        urls - The list of urls to check.
        clusterState - The up to date ClusterState, can be null in case of non-cloud mode.
        Throws:
        MalformedURLException - If an URL is invalid.
        org.apache.solr.common.SolrException - If an URL is not present in the allow-list or in the provided ClusterState.
      • hasExplicitAllowList

        public boolean hasExplicitAllowList()
        Whether this checker has been created with a non-empty allow-list of URLs.
      • isEnabled

        public boolean isEnabled()
        Whether the URL checking is enabled. Only ALLOW_ALL returns false.
      • getHostAllowList

        public Set<String> getHostAllowList()
        Only for testing.