@Override public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException { String origin = requestContext.getHeaderString(ORIGIN); if (origin == null || requestContext.getMethod().equalsIgnoreCase("OPTIONS") || requestContext.getProperty("cors.failure") != null) { // don't do anything if origin is null, its an OPTIONS request, or cors.failure is set return; } responseContext.getHeaders().putSingle(ACCESS_CONTROL_ALLOW_ORIGIN, origin); if (allowCredentials) responseContext.getHeaders().putSingle(ACCESS_CONTROL_ALLOW_CREDENTIALS, "true"); if (exposedHeaders != null) { responseContext.getHeaders().putSingle(ACCESS_CONTROL_EXPOSE_HEADERS, exposedHeaders); } }
@Override public void filter( ContainerRequestContext containerRequestContext, ContainerResponseContext containerResponseContext) throws IOException { MultivaluedMap<String, Object> headers = containerResponseContext.getHeaders(); headers.add( "Access-Control-Allow-Origin", "*"); headers.add( "Access-Control-Allow-Methods", "GET, POST, OPTIONS"); headers.add( "Access-Control-Allow-Headers", "Cache-Control, X-Requested-With, Origin, Content-Type, Accept, Authorization"); }
@Override public void filter(final ContainerRequestContext req, final ContainerResponseContext res) throws IOException { if (READ_METHODS.contains(req.getMethod())) { if (res.getLinks().stream().filter(l -> l.getRel().equals(TYPE)).map(Link::getUri).map(URI::toString) .anyMatch(uri -> uri.equals(Container.getIRIString()) || uri.equals(NonRDFSource.getIRIString()))) { final String urlBase = nonNull(baseUrl) ? baseUrl : req.getUriInfo().getBaseUri().toString(); final String identifier = urlBase + req.getUriInfo().getPath(); res.getHeaders().add("Link", fromUri(identifier + "?ext=" + UPLOADS) .rel(multipartUploadService.getIRIString()).build()); } final List<String> exts = req.getUriInfo().getQueryParameters().getOrDefault("ext", emptyList()); if (exts.contains(UPLOADS)) { res.getHeaders().putSingle(ALLOW, join(",", POST, OPTIONS)); } } }
@Override public void filter(ContainerRequestContext reqCtx, ContainerResponseContext respCtx) throws IOException { final UriInfo uriInfo = reqCtx.getUriInfo(); final MultivaluedMap<String, String> queryParameters = uriInfo.getQueryParameters(); if (queryParameters.containsKey("pretty")) { ObjectWriterInjector.set(new IndentingModifier()); } }
@Override public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException { if (!shouldFilter(requestContext, resourceInfo)) { // do nothing if the filter doesn't apply return; } try { Span span = (Span) requestContext.getProperty(SERVER_SPAN_CONTEXT_KEY); if (span != null) { span.setTag(Tags.HTTP_STATUS.getKey(), responseContext.getStatus()); span.finish(); } } catch (Exception e) { LOGGER.error("Server Response Filter failed", e); } }
@Override public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException { System.out.println("Response = " + requestContext + " " + responseContext); Long start = concurrentRequests.get(requestContext); concurrentRequests.remove(requestContext); long duration = (System.nanoTime() - start); System.out.println("Duration: " + duration); UriInfo uriInfo = requestContext.getUriInfo(); String ipv4 = extractIpAddress(uriInfo); System.out.println("ipv4 = " + ipv4); String serviceName = extractServiceName(uriInfo); System.out.println("serviceName = " + serviceName); String spanName = extractSpanName(uriInfo); System.out.println("spanName = " + spanName); Optional<String> traceId = extractTraceId(requestContext); String spanId = traceId.map(id -> this.tracee.saveChildSpan(id, spanName, serviceName, ipv4, 0)). orElseGet(() -> this.tracee.saveParentSpan(spanName, serviceName, ipv4, duration)); System.out.println("Storing span id: " + spanId); storeSpandId(responseContext, spanId); }
/** * Adds the HTTP head "Access-Control-Allow-Origin: *" to enable * all cross domain requests. */ private static void allowCors(final ContainerRequestContext request, final ContainerResponseContext response) { final String origin = request.getHeaderString("Origin"); if (origin == null) { return; } response.getHeaders().add("Access-Control-Allow-Origin", "*"); response.getHeaders().add("Access-Control-Allow-Credentials", "true"); response.getHeaders().add("Access-Control-Allow-Methods", "GET, HEAD, OPTIONS, PATCH, POST, PUT, DELETE"); final String headers = request.getHeaderString("Access-Control-Request-Headers"); if (headers != null) { response.getHeaders().add("Access-Control-Allow-Headers", UrlUtils.urlDecode(headers)); } }
@SuppressWarnings("rawtypes") @Test public void filter404SingleParameter() { final ContainerRequestContext requestContext = Mockito.mock(ContainerRequestContext.class); final ContainerResponseContext responseContext = Mockito.mock(ContainerResponseContext.class); Mockito.when(responseContext.getStatus()).thenReturn(204); final Annotation anno1 = Mockito.mock(Annotation.class); final Annotation anno2 = Mockito.mock(Annotation.class); final Annotation[] annotations = new Annotation[] { anno1, anno2 }; Mockito.when((Class) anno2.annotationType()).thenReturn(OnNullReturn404.class); Mockito.when(responseContext.getEntityAnnotations()).thenReturn(annotations); final UriInfo uriInfo = Mockito.mock(UriInfo.class); final MultivaluedMap<String, String> parameters = new MultivaluedHashMap<>(); parameters.putSingle("id", "2000"); Mockito.when(uriInfo.getPathParameters()).thenReturn(parameters); Mockito.when(requestContext.getUriInfo()).thenReturn(uriInfo); filter.filter(requestContext, responseContext); Mockito.verify(responseContext, VerificationModeFactory.atLeastOnce()).setStatus(404); Mockito.verify(responseContext, VerificationModeFactory.atLeastOnce()).setEntity( "{\"code\":\"entity\",\"message\":\"2000\",\"parameters\":null,\"cause\":null}", annotations, MediaType.APPLICATION_JSON_TYPE); }
@SuppressWarnings("rawtypes") @Test public void filter404NoParameter() { final ContainerRequestContext requestContext = Mockito.mock(ContainerRequestContext.class); final ContainerResponseContext responseContext = Mockito.mock(ContainerResponseContext.class); Mockito.when(responseContext.getStatus()).thenReturn(204); final Annotation anno1 = Mockito.mock(Annotation.class); final Annotation anno2 = Mockito.mock(Annotation.class); final Annotation[] annotations = new Annotation[] { anno1, anno2 }; Mockito.when((Class) anno2.annotationType()).thenReturn(OnNullReturn404.class); Mockito.when(responseContext.getEntityAnnotations()).thenReturn(annotations); final UriInfo uriInfo = Mockito.mock(UriInfo.class); final MultivaluedMap<String, String> parameters = new MultivaluedHashMap<>(); Mockito.when(uriInfo.getPathParameters()).thenReturn(parameters); Mockito.when(requestContext.getUriInfo()).thenReturn(uriInfo); filter.filter(requestContext, responseContext); Mockito.verify(responseContext, VerificationModeFactory.atLeastOnce()).setStatus(404); Mockito.verify(responseContext, VerificationModeFactory.atLeastOnce()) .setEntity("{\"code\":\"data\",\"message\":null,\"parameters\":null,\"cause\":null}", annotations, MediaType.APPLICATION_JSON_TYPE); }
@Override public void filter(ContainerRequestContext containerRequestContext, ContainerResponseContext containerResponseContext) throws IOException { MultivaluedMap<String, Object> headers = containerResponseContext.getHeaders(); headers.add(ACCESS_CONTROL_ALLOW_HEADERS, "orgin"); headers.add(ACCESS_CONTROL_ALLOW_HEADERS, "content-type"); headers.add(ACCESS_CONTROL_ALLOW_HEADERS, "accept"); headers.add(ACCESS_CONTROL_ALLOW_HEADERS, "authorization"); customHeaders.forEach(s -> headers.add(ACCESS_CONTROL_ALLOW_HEADERS, s)); // make sure there's only one header with this name String headerString = (String) headers.get(ACCESS_CONTROL_ALLOW_HEADERS).stream() .reduce((a, b) -> a.toString() + ", " + b.toString()).get(); headers.putSingle(ACCESS_CONTROL_ALLOW_HEADERS, headerString); headers.putSingle("Access-Control-Allow-Credentials", "true"); headers.putSingle("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS"); }
@Override public void filter(ContainerRequestContext request, ContainerResponseContext response) { String path = request.getUriInfo().getRequestUri().getPath(); LOG.fine(String.format("Received request : crossdomain for %s", path)); // TODO : disable for production // *** ONLY FOR DEMO *** // response.getHeaders().add("Access-Control-Allow-Origin", "http://localhost:3002"); response.getHeaders().add("Access-Control-Allow-Origin", "*"); response.getHeaders().add("Access-Control-Allow-Headers", "Content-Range, Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With"); response.getHeaders().add("Access-Control-Expose-Headers", "Content-Range, Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With"); // response.getHeaders().add("Access-Control-Allow-Credentials", "http://localhost:3002"); response.getHeaders().add("Access-Control-Allow-Credentials", "*"); response.getHeaders().add("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH"); response.getHeaders().add("Access-Control-Max-Age", "*"); }
@Override public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException { final EntityTag entityTag = getEntityTag(responseContext); final Date lastModified = getLastModified(responseContext); responseContext.getHeaders().putSingle(HttpHeaders.CACHE_CONTROL, cacheControl); writeHeader(responseContext, HttpHeaders.ETAG, entityTag); writeHeader(responseContext, HttpHeaders.LAST_MODIFIED, lastModified == null ? null : HttpUtils.getHttpDateFormat().format(lastModified)); final Response.ResponseBuilder builder = evaluatePreconditions(requestContext, entityTag, lastModified); if (builder != null) { responseContext.setStatusInfo(Response.Status.NO_CONTENT); responseContext.setEntity(null); } }
/** * Upon detecting a redirect, either add cookie to response or re-write URL of new * location to co-relate next request. * * @param event the event. */ public void controllerRedirectEvent(@Observes ControllerRedirectEvent event) { if (request.getAttribute(SCOPE_ID) != null) { if (usingCookies()) { Cookie cookie = new Cookie(COOKIE_NAME, request.getAttribute(SCOPE_ID).toString()); cookie.setPath(mvc.getContextPath()); cookie.setMaxAge(600); cookie.setHttpOnly(true); response.addCookie(cookie); } else { final ContainerResponseContext crc = ((ControllerRedirectEventImpl) event).getContainerResponseContext(); final UriBuilder builder = UriBuilder.fromUri(crc.getStringHeaders().getFirst(HttpHeaders.LOCATION)); builder.queryParam(SCOPE_ID, request.getAttribute(SCOPE_ID).toString()); crc.getHeaders().putSingle(HttpHeaders.LOCATION, builder.build()); } } }
@Override public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException { MultivaluedMap<String, Object> headers = responseContext.getHeaders(); //生成元が異なる場合frame要素やiframe要素の内部に表示しない headers.add("X-Frame-Options", "SAMEORIGIN"); //Content-Typeの自動判別防止 headers.add("X-Content-Type-Options", "nosniff"); //XSSフィルターを有効化する headers.add("X-XSS-Protection", "1; mode=block"); //リソースの取得元を生成元のみに制限する //画像は生成元に加えてgravatarも許可する headers.add("Content-Security-Policy", "default-src 'self'; img-src 'self' www.gravatar.com"); }
@Test public void corsResponseFilter_AnyOriginAndAllowCredentialsGiven_AddsPassedOriginAndVaryHeader() throws IOException { CorsFilter filter = new CorsFilter.Builder() .allowCredentials() .build(); ContainerRequestContext request = createActualRequestMock(DEFAULT_HOST, DEFAULT_ORIGIN, HttpMethod.GET); ContainerResponseContext response = mock(ContainerResponseContext.class); MultivaluedMap<String, Object> headers = new MultivaluedHashMap<>(); when(response.getHeaders()).thenReturn(headers); filter.filter(request, response); assertEquals(DEFAULT_ORIGIN, headers.getFirst(CorsHeaders.ACCESS_CONTROL_ALLOW_ORIGIN)); assertEquals(CorsHeaders.ORIGIN, headers.getFirst(HttpHeaders.VARY)); verify(response).getHeaders(); verifyZeroInteractions(response); }
@Test public void corsResponseFilter_OriginAndAllowCredentialsGiven_AddsPassedOriginAndVaryHeader() throws IOException { CorsFilter filter = new CorsFilter.Builder() .allowOrigin(DEFAULT_ORIGIN) .allowCredentials() .build(); ContainerRequestContext request = createActualRequestMock(DEFAULT_HOST, DEFAULT_ORIGIN, HttpMethod.GET); ContainerResponseContext response = mock(ContainerResponseContext.class); MultivaluedMap<String, Object> headers = new MultivaluedHashMap<>(); when(response.getHeaders()).thenReturn(headers); filter.filter(request, response); assertEquals(DEFAULT_ORIGIN, headers.getFirst(CorsHeaders.ACCESS_CONTROL_ALLOW_ORIGIN)); assertEquals(CorsHeaders.ORIGIN, headers.getFirst(HttpHeaders.VARY)); verify(response).getHeaders(); verifyZeroInteractions(response); }
@Test public void corsResponseFilter_AllowCredentialsGiven_AddsAllowCredentialHeader() throws IOException { CorsFilter filter = new CorsFilter.Builder() .allowCredentials() .build(); ContainerRequestContext request = createActualRequestMock(DEFAULT_HOST, DEFAULT_ORIGIN, HttpMethod.GET); ContainerResponseContext response = mock(ContainerResponseContext.class); MultivaluedMap<String, Object> headers = new MultivaluedHashMap<>(); when(response.getHeaders()).thenReturn(headers); filter.filter(request, response); assertEquals("true", headers.getFirst(CorsHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS)); assertEquals(CorsHeaders.ORIGIN, headers.getFirst(HttpHeaders.VARY)); verify(response).getHeaders(); verifyZeroInteractions(response); }
@Test public void corsResponseFilter_DisallowCredentialsGiven_DoesNotAddAllowCredentialHeader() throws IOException { CorsFilter filter = new CorsFilter.Builder() .disallowCredentials() .build(); ContainerRequestContext request = createActualRequestMock(DEFAULT_HOST, DEFAULT_ORIGIN, HttpMethod.GET); ContainerResponseContext response = mock(ContainerResponseContext.class); MultivaluedMap<String, Object> headers = new MultivaluedHashMap<>(); when(response.getHeaders()).thenReturn(headers); filter.filter(request, response); assertNull(headers.getFirst(CorsHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS)); verify(response).getHeaders(); verifyZeroInteractions(response); }
@Test public void corsResponseFilter_NoExposedHeadersGiven_DoesNotAddExposeHeadersHeader() throws IOException { CorsFilter filter = new CorsFilter.Builder() .build(); ContainerRequestContext request = createActualRequestMock(DEFAULT_HOST, DEFAULT_ORIGIN, HttpMethod.GET); ContainerResponseContext response = mock(ContainerResponseContext.class); MultivaluedMap<String, Object> headers = new MultivaluedHashMap<>(); when(response.getHeaders()).thenReturn(headers); filter.filter(request, response); assertNull(headers.getFirst(CorsHeaders.ACCESS_CONTROL_EXPOSE_HEADERS)); verify(response).getHeaders(); verifyZeroInteractions(response); }
@Test public void corsResponseFilter_EmptyExposedHeadersGiven_DoesNotAddExposeHeadersHeader() throws IOException { CorsFilter filter = new CorsFilter.Builder() .exposeHeaders(Collections.emptySet()) .build(); ContainerRequestContext request = createActualRequestMock(DEFAULT_HOST, DEFAULT_ORIGIN, HttpMethod.GET); ContainerResponseContext response = mock(ContainerResponseContext.class); MultivaluedMap<String, Object> headers = new MultivaluedHashMap<>(); when(response.getHeaders()).thenReturn(headers); filter.filter(request, response); assertNull(headers.getFirst(CorsHeaders.ACCESS_CONTROL_EXPOSE_HEADERS)); verify(response).getHeaders(); verifyZeroInteractions(response); }
@Test public void corsResponseFilter_ExposedHeadersGiven_AddsExposeHeadersHeader() throws IOException { CorsFilter filter = new CorsFilter.Builder() .exposeHeader("h1") .exposeHeader("h2") .build(); ContainerRequestContext request = createActualRequestMock(DEFAULT_HOST, DEFAULT_ORIGIN, HttpMethod.GET); ContainerResponseContext response = mock(ContainerResponseContext.class); MultivaluedMap<String, Object> headers = new MultivaluedHashMap<>(); when(response.getHeaders()).thenReturn(headers); filter.filter(request, response); assertEquals("h1,h2", headers.getFirst(CorsHeaders.ACCESS_CONTROL_EXPOSE_HEADERS)); verify(response).getHeaders(); verifyZeroInteractions(response); }
@Override public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException { MultivaluedMap<String, Object> headers = responseContext.getHeaders(); // Allow from all origins... if (!headers.containsKey("Access-Control-Allow-Origin")) { headers.add("Access-Control-Allow-Origin", "*"); } // Allow changing the following headers... if (!headers.containsKey("Access-Control-Allow-Headers")) { headers.add("Access-Control-Allow-Headers", "Content-Type, auth-id, auth-token"); } // Allow credentials... if (!headers.containsKey("Access-Control-Allow-Credentials")) { headers.add("Access-Control-Allow-Credentials", "true"); } // Allow methods... if (!headers.containsKey("Access-Control-Allow-Methods")) { headers.add("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS, HEAD"); } // Max 14 days... if (!headers.containsKey("Access-Control-Max-Age")) { headers.add("Access-Control-Max-Age", "1209600"); } }
@Override public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException { String currentResourceURI = requestContext.getUriInfo().getPath(); if (currentResourceURI.startsWith("/editor") || currentResourceURI.startsWith("/text") || currentResourceURI.startsWith("/binary") || currentResourceURI.startsWith("/audio")) { String fileExtension = currentResourceURI.substring(currentResourceURI.lastIndexOf(".") + 1, currentResourceURI.length()); String mimeType = mimeTypes.get(fileExtension); if (mimeType == null) { mimeType = DEFAULT_MIME_TYPE; } List<Object> contentTypeHeader = responseContext.getHeaders().get(CONTENT_TYPE_HEADER); if (contentTypeHeader != null && !mimeType.equals(DEFAULT_MIME_TYPE)) { contentTypeHeader.clear(); } if (contentTypeHeader == null || contentTypeHeader.isEmpty()) { responseContext.getHeaders().add(CONTENT_TYPE_HEADER, mimeType); } } }
@Override public void filter(ContainerRequestContext requestContext, ContainerResponseContext cres) throws IOException { cres.getHeaders().add("Access-Control-Allow-Origin", "*"); cres.getHeaders().add("Access-Control-Allow-Headers", "origin, content-type, accept, authorization"); cres.getHeaders().add("Access-Control-Allow-Credentials", "true"); cres.getHeaders().add("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS, HEAD"); cres.getHeaders().add("Access-Control-Max-Age", "1209600"); }
@Override public void filter(final ContainerRequestContext req, final ContainerResponseContext res) throws IOException { if (req.getMethod().equals(GET)) { final CacheControl cc = new CacheControl(); cc.setMaxAge(cacheAge); res.getHeaders().add(CACHE_CONTROL, cc); } }
@Override public void filter(final ContainerRequestContext req, final ContainerResponseContext res) throws IOException { if (!req.getUriInfo().getQueryParameters().containsKey(HttpConstants.EXT) || !req.getUriInfo().getQueryParameters().get(HttpConstants.EXT).contains(HttpConstants.ACL)) { res.getHeaders().add(LINK, fromUri(req.getUriInfo().getAbsolutePathBuilder() .queryParam(HttpConstants.EXT, HttpConstants.ACL).build()).rel(HttpConstants.ACL).build()); } }
@Override public void filter(ContainerRequestContext containerRequestContext, ContainerResponseContext containerResponseContext) throws IOException { containerResponseContext.getHeaders().putSingle("Access-Control-Allow-Origin", "*"); containerResponseContext.getHeaders().putSingle("Access-Control-Allow-Credentials", "true"); containerResponseContext.getHeaders().putSingle("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT, OPTIONS, HEAD"); containerResponseContext.getHeaders().putSingle("Access-Control-Allow-Headers", "Origin, Content-Type, Accept, X-Requested-With, Authorization"); }
public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException { String method = requestContext.getMethod(); logger.debug("Requesting " + method + " for path " + requestContext.getUriInfo().getPath()); Object entity = responseContext.getEntity(); if (entity != null) { logger.debug("Response " + new ObjectMapper().writerWithDefaultPrettyPrinter().writeValueAsString(entity)); } }
public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException { MultivaluedMap<String, Object> headers = responseContext.getHeaders(); headers.add("Access-Control-Allow-Origin", "*"); headers.add("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT"); headers.add("Access-Control-Allow-Headers", "X-Requested-With, Content-Type, X-Codingpedia"); }
@Override public void filter( ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException { MDC.remove(mdcName); String correlationId = (String) requestContext.getProperty(mdcName); if (correlationId == null) { // Can happen if there are oauth issues. correlationId = UUID.randomUUID().toString(); } responseContext.getHeaders().add(headerName, correlationId); }
@Override public void filter(final ContainerRequestContext requestContext, final ContainerResponseContext cres) throws IOException { cres.getHeaders().add("Access-Control-Allow-Origin", "*"); cres.getHeaders().add("Access-Control-Allow-Headers", "origin, content-type, accept, authorization"); cres.getHeaders().add("Access-Control-Allow-Credentials", "true"); cres.getHeaders().add("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS, HEAD"); cres.getHeaders().add("Access-Control-Max-Age", "1209600"); }
@Override public void filter(ContainerRequestContext requestContext, ContainerResponseContext context) throws IOException { UriInfo uriInfo = requestContext.getUriInfo(); List<PathSegment> pathSegments = uriInfo.getPathSegments(); if(pathSegments != null && !pathSegments.isEmpty()) { mdc.remove(); } }
@Override public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException { if(responseContext.getEntityClass() == Template.class) { SuspendableContainerResponseContext ctx = (SuspendableContainerResponseContext) responseContext; ctx.suspend(); Template template = (Template) responseContext.getEntity(); template.render().subscribe(resp -> { ctx.setEntity(resp.getEntity()); ctx.setStatus(resp.getStatus()); ctx.resume(); }, err -> ctx.resume(err)); } }
public Span test(String clientTraceId, String clientSpanId, int statusCode) throws Exception { TracerTestImpl tracer = new TracerTestImpl(); ResourceInfo resourceInfo = Mockito.mock(ResourceInfo.class); Method method = TraceContainerFilterTest.class.getMethod("testNoClientTrace"); Mockito.when(resourceInfo.getResourceMethod()).thenReturn(method); Mockito.when(resourceInfo.getResourceClass()).thenReturn((Class)method.getDeclaringClass()); TraceContainerFilter scf = new TraceContainerFilter(); scf.setTracer(tracer); scf.resourceInfo = resourceInfo; UriInfo uriInfo = Mockito.mock(UriInfo.class); Mockito.when(uriInfo.getRequestUri()).thenReturn(new URI("https://example.com:7110/some/path")); Mockito.when(uriInfo.getPath()).thenReturn("/path"); ContainerRequestContext requestContext = Mockito.mock(ContainerRequestContext.class); Mockito.when(requestContext.getUriInfo()).thenReturn(uriInfo); Mockito.when(requestContext.getMethod()).thenReturn("GET"); Mockito.when(requestContext.getHeaderString(Mockito.eq(TracerImpl.SPAN_ID))).thenReturn(clientSpanId); Mockito.when(requestContext.getHeaderString(Mockito.eq(TracerImpl.TRACE_ID))).thenReturn(clientTraceId); scf.filter(requestContext); Assert.assertNotNull(tracer.getCurrentSpan()); ContainerResponseContext responseContext = Mockito.mock(ContainerResponseContext.class); Mockito.when(responseContext.getEntityAnnotations()).thenReturn(new Annotation[]{}); Mockito.when(responseContext.getStatus()).thenReturn(statusCode); scf.filter(requestContext, responseContext); Assert.assertNull(tracer.getCurrentSpan()); Span span = tracer.getCapturedSpan(); Assert.assertEquals("service", span.getService()); Assert.assertEquals("TraceContainerFilterTest", span.getResource()); Assert.assertEquals("testNoClientTrace", span.getOperation()); return span; }
@Override public void filter(final ContainerRequestContext requestContext, final ContainerResponseContext responseContext) throws IOException { ContainerRequestScope.resetRequestContext(); }
@Override public void filter(ContainerRequestContext request, ContainerResponseContext response) throws IOException { response.getHeaders().add("Access-Control-Allow-Origin", "*"); response.getHeaders().add("Access-Control-Allow-Credentials", "true" ); response.getHeaders().add("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE"); response.getHeaders().add("Access-Control-Allow-Headers", HTTPHeaderNames.USERNAME + ", " + HTTPHeaderNames.PASSWORD); }
@Override public void filter(ContainerRequestContext containerRequestContext, ContainerResponseContext containerResponseContext) throws IOException { MultivaluedMap<String, Object> headers = containerResponseContext.getHeaders(); headers.add("Access-Control-Allow-Origin", containerRequestContext.getHeaders().getFirst("Origin")); headers.add("Access-Control-Allow-Headers", "origin, content-type, accept, authorization"); headers.add("Access-Control-Allow-Credentials", "true"); headers.add("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS, HEAD"); }
@Override public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException { responseContext.getHeaders().add("Access-Control-Allow-Origin", "*"); responseContext.getHeaders().add("Access-Control-Allow-Headers", "origin, content-type, accept, authorization"); responseContext.getHeaders().add("Access-Control-Allow-Credentials", "true"); responseContext.getHeaders().add("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS, HEAD"); responseContext.getHeaders().add("Access-Control-Max-Age", "1209600"); }
@Override public void filter(ContainerRequestContext request, ContainerResponseContext response) throws IOException { if (!response.getHeaders().containsKey(HttpHeaders.Names.ACCESS_CONTROL_ALLOW_HEADERS)) { response.getHeaders().add(HttpHeaders.Names.ACCESS_CONTROL_ALLOW_HEADERS, HEADERS_ALL); } if (!response.getHeaders().containsKey(HttpHeaders.Names.ACCESS_CONTROL_ALLOW_CREDENTIALS)) { response.getHeaders().add(HttpHeaders.Names.ACCESS_CONTROL_ALLOW_CREDENTIALS, true); } if (!response.getHeaders().containsKey(HttpHeaders.Names.ACCESS_CONTROL_ALLOW_METHODS)) { response.getHeaders().add(HttpHeaders.Names.ACCESS_CONTROL_ALLOW_METHODS, METHODS_ALL); } if (!response.getHeaders().containsKey(HttpHeaders.Names.ACCESS_CONTROL_ALLOW_ORIGIN)) { String origin = request.getHeaderString(HttpHeaders.Names.ORIGIN); String allowed = Context.getConfig().getString("web.origin"); if (origin == null) { response.getHeaders().add(HttpHeaders.Names.ACCESS_CONTROL_ALLOW_ORIGIN, ORIGIN_ALL); } else if (allowed == null || allowed.equals(ORIGIN_ALL) || allowed.contains(origin)) { response.getHeaders().add(HttpHeaders.Names.ACCESS_CONTROL_ALLOW_ORIGIN, origin); } } }
