// --------------------------------------------------------------- Handlers
/// <summary>
/// Handles a CORS request of type
/// <see cref="CORSRequestType"/>
/// .SIMPLE.
/// </summary>
/// <param name="request">
/// The
/// <see cref="Javax.Servlet.Http.IHttpServletRequest"/>
/// object.
/// </param>
/// <param name="response">
/// The
/// <see cref="Javax.Servlet.Http.IHttpServletResponse"/>
/// object.
/// </param>
/// <param name="filterChain">
/// The
/// <see cref="Javax.Servlet.IFilterChain"/>
/// object.
/// </param>
/// <exception cref="System.IO.IOException"/>
/// <exception cref="Javax.Servlet.ServletException"/>
/// <seealso><a href="http://www.w3.org/TR/cors/#resource-requests">Simple
/// * Cross-Origin Request, Actual Request, and Redirects</a></seealso>
public void HandleSimpleCORS(IHttpServletRequest request, IHttpServletResponse response, IFilterChain filterChain)
{
CORSFilter.CORSRequestType requestType = CheckRequestType(request);
if (!(requestType == CORSFilter.CORSRequestType.Simple || requestType == CORSFilter.CORSRequestType.Actual))
{
string message = "Expects a HttpServletRequest object of type " + CORSFilter.CORSRequestType.Simple + " or " + CORSFilter.CORSRequestType.Actual;
throw new ArgumentException(message);
}
string origin = request.GetHeader(Edu.Stanford.Nlp.Naturalli.Demo.CORSFilter.RequestHeaderOrigin);
string method = request.GetMethod();
// Section 6.1.2
if (!IsOriginAllowed(origin))
{
HandleInvalidCORS(request, response, filterChain);
return;
}
if (!allowedHttpMethods.Contains(method))
{
HandleInvalidCORS(request, response, filterChain);
return;
}
// Section 6.1.3
// Add a single Access-Control-Allow-Origin header.
if (anyOriginAllowed && !supportsCredentials)
{
// If resource doesn't support credentials and if any origin is
// allowed
// to make CORS request, return header with '*'.
response.AddHeader(Edu.Stanford.Nlp.Naturalli.Demo.CORSFilter.ResponseHeaderAccessControlAllowOrigin, "*");
}
else
{
// If the resource supports credentials add a single
// Access-Control-Allow-Origin header, with the value of the Origin
// header as value.
response.AddHeader(Edu.Stanford.Nlp.Naturalli.Demo.CORSFilter.ResponseHeaderAccessControlAllowOrigin, origin);
}
// Section 6.1.3
// If the resource supports credentials, add a single
// Access-Control-Allow-Credentials header with the case-sensitive
// string "true" as value.
if (supportsCredentials)
{
response.AddHeader(Edu.Stanford.Nlp.Naturalli.Demo.CORSFilter.ResponseHeaderAccessControlAllowCredentials, "true");
}
// Section 6.1.4
// If the list of exposed headers is not empty add one or more
// Access-Control-Expose-Headers headers, with as values the header
// field names given in the list of exposed headers.
if ((exposedHeaders != null) && (exposedHeaders.Count > 0))
{
string exposedHeadersString = Join(exposedHeaders, ",");
response.AddHeader(Edu.Stanford.Nlp.Naturalli.Demo.CORSFilter.ResponseHeaderAccessControlExposeHeaders, exposedHeadersString);
}
// Forward the request down the filter chain.
filterChain.DoFilter(request, response);
}
/// <exception cref="System.IO.IOException"/>
private void AddResults(IHttpServletRequest request, IHttpServletResponse response)
{
string input = request.GetParameter("input");
if (input == null)
{
return;
}
input = input.Trim();
if (input.IsEmpty())
{
return;
}
PrintWriter @out = response.GetWriter();
if (input.Length > MaximumQueryLength)
{
@out.Print("This query is too long. If you want to run very long queries, please download and use our <a href=\"http://nlp.stanford.edu/software/CRF-NER.html\">publicly released distribution</a>.");
return;
}
string outputFormat = request.GetParameter("outputFormat");
if (outputFormat == null || outputFormat.Trim().IsEmpty())
{
outputFormat = this.format;
}
bool preserveSpacing;
string preserveSpacingStr = request.GetParameter("preserveSpacing");
if (preserveSpacingStr == null || preserveSpacingStr.Trim().IsEmpty())
{
preserveSpacing = this.spacing;
}
else
{
preserveSpacingStr = preserveSpacingStr.Trim();
preserveSpacing = bool.ValueOf(preserveSpacingStr);
}
string classifier = request.GetParameter("classifier");
if (classifier == null || classifier.Trim().IsEmpty())
{
classifier = this.defaultClassifier;
}
response.AddHeader("classifier", classifier);
response.AddHeader("outputFormat", outputFormat);
response.AddHeader("preserveSpacing", preserveSpacing.ToString());
if (outputFormat.Equals("highlighted"))
{
OutputHighlighting(@out, ners[classifier], input);
}
else
{
@out.Print(StringEscapeUtils.EscapeHtml4(ners[classifier].ClassifyToString(input, outputFormat, preserveSpacing)));
}
}
/// <summary>
/// The default behavior of this method is to call AddHeader(string name, string value)
/// on the wrapped response object.
/// </summary>
/// <param name="name"></param>
/// <param name="value"></param>
public void AddHeader(string name, string value)
{
HttpServletResponse.AddHeader(name, value);
}
/// <summary>Handles CORS pre-flight request.</summary>
/// <param name="request">
/// The
/// <see cref="Javax.Servlet.Http.IHttpServletRequest"/>
/// object.
/// </param>
/// <param name="response">
/// The
/// <see cref="Javax.Servlet.Http.IHttpServletResponse"/>
/// object.
/// </param>
/// <param name="filterChain">
/// The
/// <see cref="Javax.Servlet.IFilterChain"/>
/// object.
/// </param>
/// <exception cref="System.IO.IOException"/>
/// <exception cref="Javax.Servlet.ServletException"/>
public void HandlePreflightCORS(IHttpServletRequest request, IHttpServletResponse response, IFilterChain filterChain)
{
CORSFilter.CORSRequestType requestType = CheckRequestType(request);
if (requestType != CORSFilter.CORSRequestType.PreFlight)
{
throw new ArgumentException("Expects a HttpServletRequest object of type " + CORSFilter.CORSRequestType.PreFlight.ToString().ToLower());
}
string origin = request.GetHeader(Edu.Stanford.Nlp.Naturalli.Demo.CORSFilter.RequestHeaderOrigin);
// Section 6.2.2
if (!IsOriginAllowed(origin))
{
HandleInvalidCORS(request, response, filterChain);
return;
}
// Section 6.2.3
string accessControlRequestMethod = request.GetHeader(Edu.Stanford.Nlp.Naturalli.Demo.CORSFilter.RequestHeaderAccessControlRequestMethod);
if (accessControlRequestMethod == null || (!HttpMethods.Contains(accessControlRequestMethod.Trim())))
{
HandleInvalidCORS(request, response, filterChain);
return;
}
else
{
accessControlRequestMethod = accessControlRequestMethod.Trim();
}
// Section 6.2.4
string accessControlRequestHeadersHeader = request.GetHeader(Edu.Stanford.Nlp.Naturalli.Demo.CORSFilter.RequestHeaderAccessControlRequestHeaders);
IList <string> accessControlRequestHeaders = new LinkedList <string>();
if (accessControlRequestHeadersHeader != null && !accessControlRequestHeadersHeader.Trim().IsEmpty())
{
string[] headers = accessControlRequestHeadersHeader.Trim().Split(",");
foreach (string header in headers)
{
accessControlRequestHeaders.Add(header.Trim().ToLower());
}
}
// Section 6.2.5
if (!allowedHttpMethods.Contains(accessControlRequestMethod))
{
HandleInvalidCORS(request, response, filterChain);
return;
}
// Section 6.2.6
if (!accessControlRequestHeaders.IsEmpty())
{
foreach (string header in accessControlRequestHeaders)
{
if (!allowedHttpHeaders.Contains(header))
{
HandleInvalidCORS(request, response, filterChain);
return;
}
}
}
// Section 6.2.7
if (supportsCredentials)
{
response.AddHeader(Edu.Stanford.Nlp.Naturalli.Demo.CORSFilter.ResponseHeaderAccessControlAllowOrigin, origin);
response.AddHeader(Edu.Stanford.Nlp.Naturalli.Demo.CORSFilter.ResponseHeaderAccessControlAllowCredentials, "true");
}
else
{
if (anyOriginAllowed)
{
response.AddHeader(Edu.Stanford.Nlp.Naturalli.Demo.CORSFilter.ResponseHeaderAccessControlAllowOrigin, "*");
}
else
{
response.AddHeader(Edu.Stanford.Nlp.Naturalli.Demo.CORSFilter.ResponseHeaderAccessControlAllowOrigin, origin);
}
}
// Section 6.2.8
if (preflightMaxAge > 0)
{
response.AddHeader(Edu.Stanford.Nlp.Naturalli.Demo.CORSFilter.ResponseHeaderAccessControlMaxAge, preflightMaxAge.ToString());
}
// Section 6.2.9
response.AddHeader(Edu.Stanford.Nlp.Naturalli.Demo.CORSFilter.ResponseHeaderAccessControlAllowMethods, accessControlRequestMethod);
// Section 6.2.10
if ((allowedHttpHeaders != null) && (!allowedHttpHeaders.IsEmpty()))
{
response.AddHeader(Edu.Stanford.Nlp.Naturalli.Demo.CORSFilter.ResponseHeaderAccessControlAllowHeaders, Join(allowedHttpHeaders, ","));
}
}