add other custom response header entries set by servlets to the response

to the client (not cookies only). This is used by some servlets to mainly 
set "Access-Control-Allow-Origin" header. Added a contains check to be
sure no header set by Defaultservlet is overwritten.
pull/97/head
reger 8 years ago
parent 77e65016c0
commit 4186ee6fc0

@ -66,6 +66,7 @@ import net.yacy.cora.order.Base64Order;
import net.yacy.cora.protocol.Domains; import net.yacy.cora.protocol.Domains;
import net.yacy.cora.protocol.HeaderFramework; import net.yacy.cora.protocol.HeaderFramework;
import net.yacy.cora.protocol.RequestHeader; import net.yacy.cora.protocol.RequestHeader;
import net.yacy.cora.protocol.ResponseHeader;
import net.yacy.cora.util.ByteBuffer; import net.yacy.cora.util.ByteBuffer;
import net.yacy.cora.util.ConcurrentLog; import net.yacy.cora.util.ConcurrentLog;
import net.yacy.data.InvalidURLLicenceException; import net.yacy.data.InvalidURLLicenceException;
@ -975,10 +976,23 @@ public class YaCyDefaultServlet extends HttpServlet {
templatePatterns = new servletProperties(); templatePatterns = new servletProperties();
} else if (tmp instanceof servletProperties) { } else if (tmp instanceof servletProperties) {
templatePatterns = (servletProperties) tmp; templatePatterns = (servletProperties) tmp;
// handle login cookie
if (templatePatterns.getOutgoingHeader() != null && templatePatterns.getOutgoingHeader().getCookiesEntries() != null) { if (templatePatterns.getOutgoingHeader() != null) {
for (Cookie c : templatePatterns.getOutgoingHeader().getCookiesEntries()) { // handle responseHeader entries set by servlet
response.addCookie(c); ResponseHeader tmpouthdr = templatePatterns.getOutgoingHeader();
for (String hdrkey : tmpouthdr.keySet()) {
if (!HeaderFramework.STATUS_CODE.equals(hdrkey)) { // skip default init response status value (not std. )
String val = tmpouthdr.get(hdrkey);
if (!response.containsHeader(hdrkey) && val != null) { // to be on the safe side, add only new hdr (mainly used for CORS_ALLOW_ORIGIN)
response.setHeader(hdrkey, tmpouthdr.get(hdrkey));
}
}
}
// handle login cookie
if (tmpouthdr.getCookiesEntries() != null) {
for (Cookie c : tmpouthdr.getCookiesEntries()) {
response.addCookie(c);
}
} }
} }
} else { } else {
@ -1025,7 +1039,7 @@ public class YaCyDefaultServlet extends HttpServlet {
templatePatterns.put("newpeer", myPeer.getAge() >= 1 ? 0 : 1); templatePatterns.put("newpeer", myPeer.getAge() >= 1 ? 0 : 1);
templatePatterns.putHTML("newpeer_peerhash", myPeer.hash); templatePatterns.putHTML("newpeer_peerhash", myPeer.hash);
boolean authorized = sb.adminAuthenticated(legacyRequestHeader) >= 2; boolean authorized = sb.adminAuthenticated(legacyRequestHeader) >= 2;
templatePatterns.put("authorized", authorized ? 1 : 0); templatePatterns.put("authorized", authorized ? 1 : 0); // used in templates and other html (e.g. to display lock/unlock symbol)
templatePatterns.put("simpleheadernavbar", sb.getConfig("decoration.simpleheadernavbar", "navbar-default")); templatePatterns.put("simpleheadernavbar", sb.getConfig("decoration.simpleheadernavbar", "navbar-default"));

Loading…
Cancel
Save