Update ControllerAdminApiApplication.java #13132

Closed
sar12332111 wants to merge 1 commit into apache:master from sar12332111:patch-1

Conversation

@sar12332111

Secure static file handling to prevent path traversal attacks

  • Implemented a new SafeStaticHttpHandler
  • Configured the ControllerAdminApiApplication
  • Modified the setupSwagger method to use SafeStaticHttpHandler
  • Added URL validation
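The URL validation the description lists, written out as an added example that is neither the PR's nor Pinot's code. It subclasses Grizzly's CLStaticHttpHandler (the (ClassLoader, String...) constructor and the protected handle(uri, request, response) hook are assumed from Grizzly's API), percent-decodes the request path once, refuses anything still encoded, any ".." segment, NUL or backslash, and then proves the normalized path stays under a virtual root before delegating to the parent handler.

```java
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.Optional;
import org.glassfish.grizzly.http.server.CLStaticHttpHandler;
import org.glassfish.grizzly.http.server.Request;
import org.glassfish.grizzly.http.server.Response;
import org.glassfish.grizzly.http.util.HttpStatus;

/** Added example, not the PR's code; the Grizzly constructor and handle(...) hook are assumed. */
public class SafeStaticHttpHandler extends CLStaticHttpHandler {
  private static final Path ROOT = Paths.get("docroot"); // virtual anchor for containment checks only
  public SafeStaticHttpHandler(ClassLoader classLoader, String... docRoots) {
    super(classLoader, docRoots);
  }
  @Override
  protected boolean handle(String uri, Request request, Response response) throws Exception {
    Optional<String> safe = validate(uri);
    if (!safe.isPresent()) {
      response.setStatus(HttpStatus.FORBIDDEN_403); // refuse rather than guess at intent
      return true; // handled (as an error), so no fallback lookup happens
    }
    return super.handle(safe.get(), request, response);
  }
  /** Returns a normalized root-relative path, or empty if the request could leave the doc root. */
  static Optional<String> validate(String requestPath) {
    if (requestPath == null) { return Optional.empty(); }
    try {
      String decoded = URLDecoder.decode(requestPath, StandardCharsets.UTF_8); // "%2e%2e" becomes ".."
      // Still-encoded input ("%252e"), NUL bytes and backslashes are refused outright.
      if (decoded.indexOf('%') >= 0 || decoded.indexOf('\0') >= 0 || decoded.indexOf('\\') >= 0) {
        return Optional.empty();
      }
      for (String segment : decoded.split("/")) {
        if (segment.equals("..")) {
          return Optional.empty(); // explicit traversal segment
        }
      }
      // Collapse "." and repeated slashes, then prove the result is still under ROOT.
      Path resolved = ROOT.resolve(decoded.startsWith("/") ? decoded.substring(1) : decoded).normalize();
      if (!resolved.startsWith(ROOT)) {
        return Optional.empty();
      }
      return Optional.of("/" + ROOT.relativize(resolved).toString().replace('\\', '/'));
    } catch (IllegalArgumentException e) {
      return Optional.empty(); // malformed percent-escape, or an InvalidPathException from the platform
    }
  }
}
```

Because the check runs on the decoded string and then on the normalized Path, a request such as /static/%2e%2e/etc/passwd is rejected at the ".." segment test, while /static/./swagger-ui.css normalizes to /swagger-ui.css and is served.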

@Jackie-Jiang Jackie-Jiang (Contributor) left a comment

Thanks for the contribution! Can you share more context on this type of attack and the best practice to defend against it?

Contributor, review comment on the line `public class SafeStaticHttpHandler extends CLStaticHttpHandler {`:

Please reformat the changes following Pinot Style

Author (sar12332111) replied:

https://github.com/apache/pinot/pull/13124/files

Contributed to this PR. Closing this.

@codecov-commenter commented May 10, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 46.83%. Comparing base (59551e4) to head (e4c4bdd).
Report is 431 commits behind head on master.

Additional details and impacted files
@@              Coverage Diff              @@
##             master   #13132       +/-   ##
=============================================
- Coverage     61.75%   46.83%   -14.92%     
- Complexity      207     1084      +877     
=============================================
  Files          2436     1913      -523     
  Lines        133233   101274    -31959     
  Branches      20636    16324     -4312     
=============================================
- Hits          82274    47434    -34840     
- Misses        44911    50358     +5447     
+ Partials       6048     3482     -2566     
Flag                    Coverage  Patch  Δ
custom-integration1     ?
integration             ?
integration1            ?
integration2            ?
java-11                 46.79%    ø      -14.92% ⬇️
java-21                 46.66%    ø      -14.97% ⬇️
skip-bytebuffers-false  46.82%    ø      -14.93% ⬇️
skip-bytebuffers-true   46.63%    ø      +18.90% ⬆️
temurin                 46.83%    ø      -14.92% ⬇️
unittests               46.83%    ø      -14.92% ⬇️
unittests1              46.83%    ø      -0.06%  ⬇️
unittests2              ?

Flags with carried forward coverage won't be shown.
