admin/madeu_crm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

로그

Browse Source
This commit is contained in:
bd091
2025-12-07 01:41:32 +09:00
parent 3d0c6dcaa8
commit c8b3150a80
1 changed files with 52 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

61
src/main/java/com/madeu/config/WebConfig.java
View File

@@ -7,8 +7,11 @@ import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import org.springframework.web.servlet.resource.PathResourceResolver;
import lombok.extern.slf4j.Slf4j;
import java.io.IOException;
@Slf4j
@Configuration
public class WebConfig implements WebMvcConfigurer {
@@ -17,6 +20,9 @@ public class WebConfig implements WebMvcConfigurer {
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
log.info("=== WebConfig 초기화 시작 ===");
log.info("Upload Path: {}", uploadPath);
registry.addResourceHandler("/cdn/**")
.addResourceLocations("file:" + uploadPath + "/")
.setCachePeriod(3600) // 1시간 캐싱
@@ -24,32 +30,65 @@ public class WebConfig implements WebMvcConfigurer {
.addResolver(new PathResourceResolver() {
@Override
protected Resource getResource(String resourcePath, Resource location) throws IOException {
log.info("=== Resource 요청 받음 ===");
log.info("Resource Path: {}", resourcePath);
log.info("Location: {}", location.getURI());
Resource requestedResource = location.createRelative(resourcePath);
log.info("Requested Resource exists: {}", requestedResource.exists());
log.info("Requested Resource readable: {}", requestedResource.isReadable());
log.info("Requested Resource URI: {}", requestedResource.getURI());
// 보안 검증: 허용된 파일 타입만
if (requestedResource.exists() && requestedResource.isReadable()
&& isAllowedResource(requestedResource)) {
if (requestedResource.exists() && requestedResource.isReadable()) {
boolean allowed = isAllowedResource(requestedResource);
log.info("Resource allowed: {}", allowed);
if (allowed) {
log.info("✓ 파일 반환 성공: {}", resourcePath);
return requestedResource;
} else {
log.info("✗ 허용되지 않은 파일 타입: {}", resourcePath);
}
} else {
log.info("✗ 파일 없음 또는 읽을 수 없음: {}", resourcePath);
log.info(" - exists: {}, readable: {}",
requestedResource.exists(),
requestedResource.isReadable());
}
return null;
}
private boolean isAllowedResource(Resource resource) {
try {
String filename = resource.getFilename();
return filename != null &&
(filename.toLowerCase().endsWith(".jpg") ||
filename.toLowerCase().endsWith(".jpeg") ||
filename.toLowerCase().endsWith(".png") ||
filename.toLowerCase().endsWith(".gif") ||
filename.toLowerCase().endsWith(".webp") ||
filename.toLowerCase().endsWith(".bmp") ||
filename.toLowerCase().endsWith(".svg"));
log.info("Checking filename: {}", filename);
if (filename == null) {
log.info("파일명이 null입니다");
return false;
}
String lowerFilename = filename.toLowerCase();
boolean isAllowed = lowerFilename.endsWith(".jpg") ||
lowerFilename.endsWith(".jpeg") ||
lowerFilename.endsWith(".png") ||
lowerFilename.endsWith(".gif") ||
lowerFilename.endsWith(".webp") ||
lowerFilename.endsWith(".bmp") ||
lowerFilename.endsWith(".svg");
log.info("파일 타입 검증 결과 - 파일명: {}, 허용: {}", filename, isAllowed);
return isAllowed;
} catch (Exception e) {
e.printStackTrace();
log.error("파일 타입 검증 중 오류 발생", e);
return false;
}
}
});
log.info("=== WebConfig 설정 완료 ===");
}
}