Exemplo n.º 1
0
        private void CreateUnauthorizedChallenge(ServletResponse response, SecurityRule rule)
        {
            HttpServletResponse httpServletResponse = ( HttpServletResponse )response;

            httpServletResponse.Status = 401;
            httpServletResponse.addHeader("WWW-Authenticate", rule.WwwAuthenticateHeader());
        }
Exemplo n.º 2
0
        private void generateResponse(HttpServletResponse resp, string type, string content)
        {
            Resource newResource = new Resource(content);

            resources.add(type, newResource);
            // TODO: should put the ID in
            resp.Status = HttpServletResponse.SC_CREATED;
            resp.addHeader("Location", type + "/" + newResource.Id);
        }
Exemplo n.º 3
0
        public override void SendUnknownResponseHeader(string name, string value)
        {
            if (HeadersSent())
            {
                return;
            }

            _HttpServletResponse.addHeader(name, value);
        }
Exemplo n.º 4
0
 private void AddAllowedHeaderIfValid(string headerName, HttpServletResponse response)
 {
     if (isValidHttpHeaderName(headerName))
     {
         response.addHeader(ACCESS_CONTROL_ALLOW_HEADERS, headerName);
     }
     else
     {
         _log.warn("Invalid HTTP header specified in " + ACCESS_CONTROL_REQUEST_HEADERS + " '" + headerName + "'. " + "It will be ignored and not attached to the " + ACCESS_CONTROL_ALLOW_HEADERS + " response header");
     }
 }
Exemplo n.º 5
0
        private void headers(HttpServletResponse resp, string extension, string optCharset)
        {
            resp.Status = HttpServletResponse.SC_OK;
            string s = "";

            if (!string.ReferenceEquals(optCharset, null))
            {
                s = ";charset=" + optCharset;
            }
            resp.addHeader("Content-Type", "application/" + extension + s);
        }
Exemplo n.º 6
0
        private void AddAllowedMethodIfValid(string methodName, HttpServletResponse response)
        {
            HttpMethod method = HttpMethod.valueOfOrNull(methodName);

            if (method != null)
            {
                response.addHeader(ACCESS_CONTROL_ALLOW_METHODS, methodName);
            }
            else
            {
                _log.warn("Unknown HTTP method specified in " + ACCESS_CONTROL_REQUEST_METHOD + " '" + methodName + "'. " + "It will be ignored and not attached to the " + ACCESS_CONTROL_ALLOW_METHODS + " response header");
            }
        }
Exemplo n.º 7
0
//JAVA TO C# CONVERTER WARNING: Method 'throws' clauses are not available in C#:
//ORIGINAL LINE: public void doFilter(javax.servlet.ServletRequest servletRequest, javax.servlet.ServletResponse servletResponse, javax.servlet.FilterChain filterChain) throws java.io.IOException, javax.servlet.ServletException
        public override void DoFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
        {
            HttpServletRequest  request  = ( HttpServletRequest )servletRequest;
            HttpServletResponse response = ( HttpServletResponse )servletResponse;

            if (request.ServletPath != null && request.ServletPath.EndsWith(".html"))
            {
                response.addHeader("Cache-Control", "private, no-cache, no-store, proxy-revalidate, no-transform");
                response.addHeader("Pragma", "no-cache");
                response.addHeader("Content-Security-Policy", "frame-ancestors 'none'");
                response.addHeader("X-Frame-Options", "DENY");
                response.addHeader("X-Content-Type-Options", "nosniff");
                response.addHeader("X-XSS-Protection", "1; mode=block");
            }
            filterChain.doFilter(servletRequest, servletResponse);
        }
        public override void service(ServletRequest request, ServletResponse response)

        {
            QuercusHttpServletRequest req
                = new QuercusHttpServletRequestImpl((HttpServletRequest)request);
            HttpServletResponse res = (HttpServletResponse)response;

            string uri = QuercusRequestAdapter.getPageURI(req);

            CacheEntry entry = _cache.get(uri);

            if (entry == null)
            {
                string path    = getPath(req);
                string relPath = path.getUserPath();

                string mimeType = _context.getMimeType(uri);

                entry = new CacheEntry(path, relPath, mimeType);
                _cache.put(uri, entry);
            }
            else if (entry.isModified())
            {
                entry = new CacheEntry(entry.getPath(),
                                       entry.getRelPath(),
                                       entry.getMimeType());

                _cache.put(uri, entry);
            }

            string ifMatch = req.getHeader("If-None-Match");
            string etag    = entry.getEtag();

            if (ifMatch != null && ifMatch.equals(etag))
            {
                res.addHeader("ETag", etag);
                res.sendError(HttpServletResponse.SC_NOT_MODIFIED);
                return;
            }

            string lastModified = entry.getLastModifiedString();

            if (ifMatch == null)
            {
                string ifModified = req.getHeader("If-Modified-Since");

                bool isModified = true;

                if (ifModified == null)
                {
                }
                else if (ifModified.equals(lastModified))
                {
                    isModified = false;
                }
                else
                {
                    long ifModifiedTime;

                    QDate date = QDate.allocateLocalDate();

                    try {
                        ifModifiedTime = date.parseDate(ifModified);
                    } catch (Exception e) {
                        log.log(Level.FINER, e.ToString(), e);

                        ifModifiedTime = 0;
                    }

                    QDate.freeLocalDate(date);

                    isModified = ifModifiedTime == 0 ||
                                 ifModifiedTime != entry.getLastModified();
                }

                if (!isModified)
                {
                    if (etag != null)
                    {
                        res.addHeader("ETag", etag);
                    }

                    res.sendError(HttpServletResponse.SC_NOT_MODIFIED);
                    return;
                }
            }

            res.addHeader("ETag", etag);
            res.addHeader("Last-Modified", lastModified);

            string mime = entry.getMimeType();

            if (mime != null)
            {
                res.setContentType(mime);
            }

            res.setContentLength((int)entry.getLength());

            string method = req.getMethod();

            if (method.equalsIgnoreCase("HEAD"))
            {
                return;
            }

            string path = entry.getPath();

            if (path.isDirectory())
            {
                res.sendError(HttpServletResponse.SC_NOT_FOUND);

                return;
            }
            else if (!path.canRead())
            {
                res.sendError(HttpServletResponse.SC_NOT_FOUND);

                return;
            }

            OutputStream os = response.getOutputStream();

            path.writeToStream(os);
        }