boxtec
/
yacy_search_server
mirror of https://github.com/yacy/yacy_search_server
4
1
Fork 0
Code Issues Projects Releases Wiki Activity

add other custom response header entries set by servlets to the response

Browse Source 
to the client (not cookies only). This is used by some servlets to mainly 
set "Access-Control-Allow-Origin" header. Added a contains check to be
sure no header set by Defaultservlet is overwritten.
pull/97/head
reger 8 years ago
parent 77e65016c0
commit 4186ee6fc0
1 changed files with 20 additions and 6 deletions
Show Stats Download Patch File Download Diff File

20
source/net/yacy/http/servlets/YaCyDefaultServlet.java
Unescape View File

@ -66,6 +66,7 @@ import net.yacy.cora.order.Base64Order;
import net.yacy.cora.protocol.Domains; import net.yacy.cora.protocol.Domains;
import net.yacy.cora.protocol.HeaderFramework; import net.yacy.cora.protocol.HeaderFramework;
import net.yacy.cora.protocol.RequestHeader; import net.yacy.cora.protocol.RequestHeader;
import net.yacy.cora.protocol.ResponseHeader;
import net.yacy.cora.util.ByteBuffer; import net.yacy.cora.util.ByteBuffer;
import net.yacy.cora.util.ConcurrentLog; import net.yacy.cora.util.ConcurrentLog;
import net.yacy.data.InvalidURLLicenceException; import net.yacy.data.InvalidURLLicenceException;
@ -975,12 +976,25 @@ public class YaCyDefaultServlet extends HttpServlet {
templatePatterns = new servletProperties(); templatePatterns = new servletProperties();
} else if (tmp instanceof servletProperties) { } else if (tmp instanceof servletProperties) {
templatePatterns = (servletProperties) tmp; templatePatterns = (servletProperties) tmp;
if (templatePatterns.getOutgoingHeader() != null) {
// handle responseHeader entries set by servlet
ResponseHeader tmpouthdr = templatePatterns.getOutgoingHeader();
for (String hdrkey : tmpouthdr.keySet()) {
if (!HeaderFramework.STATUS_CODE.equals(hdrkey)) { // skip default init response status value (not std. )
String val = tmpouthdr.get(hdrkey);
if (!response.containsHeader(hdrkey) && val != null) { // to be on the safe side, add only new hdr (mainly used for CORS_ALLOW_ORIGIN)
response.setHeader(hdrkey, tmpouthdr.get(hdrkey));
}
}
}
// handle login cookie // handle login cookie
if (templatePatterns.getOutgoingHeader() != null && templatePatterns.getOutgoingHeader().getCookiesEntries() != null) { if (tmpouthdr.getCookiesEntries() != null) {
for (Cookie c : templatePatterns.getOutgoingHeader().getCookiesEntries()) { for (Cookie c : tmpouthdr.getCookiesEntries()) {
response.addCookie(c); response.addCookie(c);
} }
} }
}
} else { } else {
templatePatterns = new servletProperties((serverObjects) tmp); templatePatterns = new servletProperties((serverObjects) tmp);
} }
@ -1025,7 +1039,7 @@ public class YaCyDefaultServlet extends HttpServlet {
templatePatterns.put("newpeer", myPeer.getAge() >= 1 ? 0 : 1); templatePatterns.put("newpeer", myPeer.getAge() >= 1 ? 0 : 1);
templatePatterns.putHTML("newpeer_peerhash", myPeer.hash); templatePatterns.putHTML("newpeer_peerhash", myPeer.hash);
boolean authorized = sb.adminAuthenticated(legacyRequestHeader) >= 2; boolean authorized = sb.adminAuthenticated(legacyRequestHeader) >= 2;
templatePatterns.put("authorized", authorized ? 1 : 0); templatePatterns.put("authorized", authorized ? 1 : 0); // used in templates and other html (e.g. to display lock/unlock symbol)
templatePatterns.put("simpleheadernavbar", sb.getConfig("decoration.simpleheadernavbar", "navbar-default")); templatePatterns.put("simpleheadernavbar", sb.getConfig("decoration.simpleheadernavbar", "navbar-default"));

Write Preview
Loading…
Cancel
Save