IDEA-307028 Add API endpoint to upload logs to uploads.jetbrains.com

Don't allow origin from not predefined hosts GitOrigin-RevId: fdcbb0b3ea8ea0698cf5ba2cf301f398c8d8de6c
2026-01-08 15:09:39 +07:00 · 2023-02-08 16:09:11 +01:00
parent 887b0c2a77
commit 914efdff4a
4 changed files with 12 additions and 20 deletions
--- a/platform/built-in-server/src/org/jetbrains/ide/InstallPluginService.kt
+++ b/platform/built-in-server/src/org/jetbrains/ide/InstallPluginService.kt
@@ -138,7 +138,7 @@ internal class InstallPluginService : RestService() {
  }

  override fun isHostTrusted(request: FullHttpRequest, urlDecoder: QueryStringDecoder): Boolean {
-    return isHostInPredefinedHosts(request, urlDecoder, trustedPredefinedHosts, "idea.api.install.hosts.trusted")
+    return isHostInPredefinedHosts(request, trustedPredefinedHosts, "idea.api.install.hosts.trusted")
           || super.isHostTrusted(request, urlDecoder)
  }
 }
--- a/platform/built-in-server/src/org/jetbrains/ide/RestService.kt
+++ b/platform/built-in-server/src/org/jetbrains/ide/RestService.kt
@@ -328,7 +328,7 @@ abstract class RestService : HttpRequestHandler() {
    }
  }

-  fun isHostInPredefinedHosts(request: FullHttpRequest, urlDecoder: QueryStringDecoder, trustedPredefinedHosts: Set<String>, systemPropertyKey: String): Boolean {
+  fun isHostInPredefinedHosts(request: HttpRequest, trustedPredefinedHosts: Set<String>, systemPropertyKey: String): Boolean {
    val origin = request.origin
    val originHost = try {
      if (origin == null) null else URI(origin).takeIf { it.scheme == "https" }?.host.nullize()
--- a/platform/built-in-server/src/org/jetbrains/ide/UploadLogsService.kt
+++ b/platform/built-in-server/src/org/jetbrains/ide/UploadLogsService.kt
@@ -27,6 +27,8 @@ import java.io.IOException
 import java.net.HttpURLConnection
 import kotlin.io.path.name

+private const val propertyKeyForTrustedHosts = "idea.api.collectLogs.hosts.trusted"
+
 class UploadLogsService : RestService() {
  private val uploadsServiceUrl = "https://uploads.jetbrains.com"

@@ -37,7 +39,13 @@ class UploadLogsService : RestService() {
    return serviceName
  }

-  override fun isOriginAllowed(request: HttpRequest) = OriginCheckResult.ALLOW
+  override fun isOriginAllowed(request: HttpRequest): OriginCheckResult  {
+    return if(isHostInPredefinedHosts(request, trustedPredefinedHosts, propertyKeyForTrustedHosts)){
+      OriginCheckResult.ALLOW
+    } else {
+      OriginCheckResult.FORBID
+    }
+  }

  override fun execute(urlDecoder: QueryStringDecoder, request: FullHttpRequest, context: ChannelHandlerContext): String? {
    val path = urlDecoder.path().split(serviceName).last().trimStart('/')
@@ -133,7 +141,7 @@ class UploadLogsService : RestService() {
  }

  override fun isHostTrusted(request: FullHttpRequest, urlDecoder: QueryStringDecoder): Boolean {
-    return isHostInPredefinedHosts(request, urlDecoder, trustedPredefinedHosts, "idea.api.collectLogs.hosts.trusted")
+    return isHostInPredefinedHosts(request, trustedPredefinedHosts, propertyKeyForTrustedHosts)
  }

 }
--- a/platform/built-in-server/testSrc/org/jetbrains/ide/UploadLogServiceTest.kt
+++ b/platform/built-in-server/testSrc/org/jetbrains/ide/UploadLogServiceTest.kt
@@ -1,16 +0,0 @@
-// Copyright 2000-2020 JetBrains s.r.o. Use of this source code is governed by the Apache 2.0 license that can be found in the LICENSE file.
-package org.jetbrains.ide
-
-import org.assertj.core.api.Assertions.assertThat
-import org.junit.Test
-
-internal class UploadLogServiceTest : BuiltInServerTestCase() {
-  override val urlPathPrefix = "/api/logs"
-
-  @Test
-  fun `statusReturnedCorrectly`() {
-    doTest("/status", asSignedRequest = false) { response ->
-      assertThat(response.statusCode()).isEqualTo(200)
-    }
-  }
-}