#pragma once #include #include #include #include #include #include namespace Poco { class URI; } namespace Poco { namespace Util { class AbstractConfiguration; } } namespace DB { class RemoteHostFilter { /** * This class checks if URL is allowed. * If primary_hosts and regexp_hosts are empty all urls are allowed. */ public: void checkURL(const Poco::URI & uri) const; /// If URL not allowed in config.xml throw UNACCEPTABLE_URL Exception void setValuesFromConfig(const Poco::Util::AbstractConfiguration & config); void checkHostAndPort(const std::string & host, const std::string & port) const; /// Does the same as checkURL, but for host and port. private: std::atomic_bool is_initialized = false; mutable std::mutex hosts_mutex; std::unordered_set primary_hosts TSA_GUARDED_BY(hosts_mutex); /// Allowed primary () URL from config.xml std::vector regexp_hosts TSA_GUARDED_BY(hosts_mutex); /// Allowed regexp () URL from config.xml /// Checks if the primary_hosts and regexp_hosts contain str. If primary_hosts and regexp_hosts are empty return true. bool checkForDirectEntry(const std::string & str) const; }; }