Check if maxage header value is valid before setting it

Adobe-Consulting-Services · Feb 1, 2024 · 8a056c0 · 8a056c0
1 parent 8447501
commit 8a056c0
Showing 1 changed file with 14 additions and 1 deletion.
diff --git a/...va/com/adobe/acs/commons/http/headers/impl/PropertyBasedDispatcherMaxAgeHeaderFilter.java b/...va/com/adobe/acs/commons/http/headers/impl/PropertyBasedDispatcherMaxAgeHeaderFilter.java
@@ -100,7 +100,11 @@ protected String getHeaderValue(HttpServletRequest request) {
             Resource resource = getResource(slingRequest);
             if (resource != null) {
                 String headerValue = resource.getValueMap().get(propertyName, String.class);
-                return HEADER_PREFIX + headerValue;
+                if (isValidMaxAgeValue(headerValue)) {
+                    return HEADER_PREFIX + headerValue;
+                } else {
+                    log.debug("Invalid value found in property for max-age header");
+                }
             }
         }
         log.debug("An error occurred, falling back to the default max age value of this filter");
@@ -119,6 +123,15 @@ protected final void doActivate(ComponentContext context) throws Exception {
         inheritPropertyValue = PropertiesUtil.toString(properties.get(PROP_INHERIT_PROPERTY_VALUE), "INHERIT");
     }
 
+    private boolean isValidMaxAgeValue(String headerValue) {
+        try {
+            Integer.parseInt(headerValue);
+            return true;
+        } catch(NumberFormatException e) {
+            return false;
+        }
+    }
+
     public String toString() {
         return this.getClass().getName() + "[property-name:" + propertyName + ",fallback-max-age:" + super.getHeaderValue(null) + "]";
     }