public static boolean doXsrfFilter(ServletRequest request, ServletResponse response, Set<String> methodsToIgnore, String headerName) throws IOException, ServletException { HttpServletRequest httpRequest = (HttpServletRequest)request; if (methodsToIgnore == null) { methodsToIgnore = XSRF_METHODS_TO_IGNORE_DEFAULT ; } if (headerName == null ) { headerName = XSRF_HEADER_DEFAULT; } if (methodsToIgnore.contains(httpRequest.getMethod()) || httpRequest.getHeader(headerName) != null) { return true; } else { ((HttpServletResponse)response).sendError( HttpServletResponse.SC_BAD_REQUEST, "Missing Required Header for Vulnerability Protection"); response.getWriter().println( "XSRF filter denial, requests must contain header : " + headerName); return false; } }
private void passthrough(ServletResponse originalResponse, HttpServletResponseBufferWrapper responseWrapper) throws IOException { if (originalResponse.isCommitted()) { return; } if (responseWrapper.isUsingWriter()) { originalResponse.getWriter().write(responseWrapper.getWriter().getOutput().toString()); } else { ByteArrayOutputStream output = responseWrapper.getOutputStream().getOutput(); output.writeTo(originalResponse.getOutputStream()); } }
private void generateResponseForIsBackupFinishedAPI(ServletResponse response) { response.setContentType("application/json"); JsonObject json = new JsonObject(); json.addProperty("is_backing_up", backupService.isBackingUp()); try { response.getWriter().print(json); } catch (IOException e) { LOGGER.error("General IOException: {}", e.getMessage()); } }
private Object resolveArgument(Class<?> paramType, ServletResponse response) throws IOException { if (OutputStream.class.isAssignableFrom(paramType)) { return response.getOutputStream(); } else if (Writer.class.isAssignableFrom(paramType)) { return response.getWriter(); } // Should never happen... throw new UnsupportedOperationException("Unknown parameter type: " + paramType); }
private void write(Object result, ServletResponse response) { response.setContentType("application/json"); response.setCharacterEncoding("UTF-8"); try { String content = MAPPER.writeValueAsString(result); response.getWriter().write(content); } catch (IOException e) { logger.error("write client failed"); } }
String path = req.getServletPath(); if (req.getPathInfo() != null) path += req.getPathInfo(); response.setContentType("text/xml"); PrintWriter out = resp.getWriter(); out.print(resource); resp.sendError(404,e.toString()); resp.sendError(500);
final HttpServletRequest request = ((HttpServletRequest) context.getRequest()); response.setStatus(HttpServletResponse.SC_OK); response.setContentType("GET".equals(request.getMethod()) ? "text/javascript" : "text/xml"); response.setCharacterEncoding("UTF-8"); if ("GET".equals(request.getMethod())) { if (JiveGlobals.getBooleanProperty("xmpp.httpbind.client.no-cache.enabled", true)) { response.getOutputStream().setWriteListener(new WriteListenerImpl(context, byteContent)); } else { context.getResponse().getOutputStream().write(byteContent); context.getResponse().getOutputStream().flush(); context.complete();
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException { HttpServletRequest httpServletRequest = (HttpServletRequest) req; RequestScopedUserInfoStorage storage = userInfoStorage(httpServletRequest); Laboratory laboratory = laboratory(storage); httpServletRequest.getSession(true).setAttribute(PETRI_LABORATORY, laboratory); httpServletRequest.getSession().setAttribute(PETRI_USER_INFO_STORAGE, storage); ByteArrayOutputStream baos = new ByteArrayOutputStream(); final HttpServletResponseWrapper response = new CachingHttpResponse(resp, new ByteArrayServletStream(baos), new PrintWriter(baos)); chain.doFilter(req, response); final UserInfo userInfo = storage.read(); final UserInfo originalUserInfo = storage.readOriginal(); userInfo.saveExperimentState(new CookieExperimentStateStorage(response, laboratoryProperties.getPetriCookieName()), originalUserInfo); if (laboratoryTopology.isWriteStateToServer()) { userInfo.saveExperimentState(new ServerStateExperimentStateStorage(petriClient), originalUserInfo); } resp.getOutputStream().write(baos.toByteArray()); }
filterChain.doFilter(servletRequest, servletResponse); return; filterChain.doFilter(decoraRequest, pageWrapper); Writer writer = servletResponse.getWriter(); ServletOutputStream outputStream = response.getOutputStream(); outputStream.write(pageWrapper.getBufferedBytes()); outputStream.flush(); } else { PrintWriter writer = response.getWriter(); writer.append(CharBuffer.wrap(pageWrapper.getBufferedChars())); writer.flush();
try { if (decision.equals(EntitlementConstants.PERMIT)) { if (((HttpServletRequest) servletRequest).getRequestURI().contains("/updateCacheAuth.do")) { pepProxy.clear(); log.info("PEP cache has been updated"); servletResponse.getWriter().print("PEP cache has been updated"); } else { filterChain.doFilter(servletRequest, servletResponse); servletRequest.getRequestDispatcher(authRedirectURL). forward(servletRequest, servletResponse); } else if (decision.equals(EntitlementConstants.NOT_APPLICABLE)) { log.debug("No applicable policies found"); servletRequest.getRequestDispatcher(authRedirectURL). forward(servletRequest, servletResponse); } else if (decision.equals(EntitlementConstants.INDETERMINATE)) { log.debug("Indeterminate"); servletRequest.getRequestDispatcher(authRedirectURL). forward(servletRequest, servletResponse); } else {
@Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest httpServletRequest=(HttpServletRequest)request; if (production){ String uri=httpServletRequest.getRequestURI(); if (!match(uri)){ chain.doFilter(request,response); }else{ response.setContentType("text/palin;charset=UTF-8"); PrintWriter pw=response.getWriter(); pw.write("You do not have permission to access this page"); pw.flush(); } }else{ chain.doFilter(request,response); } }
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { servletResponse.setContentType("text/html"); ((HttpServletResponse) servletResponse).setStatus(HttpServletResponse.SC_OK); servletResponse.getWriter().println("<h1>Hello Whiteboard Filter</h1>"); filterChain.doFilter(servletRequest, servletResponse); }
@Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { if(request instanceof HttpServletRequest){ HttpServletRequest httpRequest = (HttpServletRequest)request; String contextPath = httpRequest.getRequestURI(); if(contextPath.endsWith("_ehc.html")){ response.getWriter().println("200"); //直接拦截,后面的逻辑就不执行了 return ; } } chain.doFilter(request, response); }
throws IOException, ServletException { final HttpServletRequest httpRequest = (HttpServletRequest) request; ensureSessionHasToken(httpRequest.getSession(false)); switch (httpRequest.getMethod().toUpperCase()) { case "POST": case "PUT": chain.doFilter(httpRequest, responseWrapper); final HttpSession session = httpRequest.getSession(false); final String responseContentType = responseWrapper.getContentType(); if (session != null && responseContentType != null && responseContentType.toLowerCase().startsWith("text/html")) { response.setContentLength(bytes.length); response.getWriter().print(output); chain.doFilter(request, response);
@Override public PrintWriter getWriter() throws IOException { if (outputStream != null) { throw new IllegalStateException("getOutputStream() has already been called on this response."); } if (writer == null) { outputStream = new ServletOutputStreamWrapper(new FileOutputStream(targetFile)); writer = new PrintWriter(new OutputStreamWriter(outputStream, getResponse().getCharacterEncoding()), true); } return writer; }
public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain chain) throws IOException, ServletException { if (response instanceof HttpServletResponse) { final PrintWriter out = response.getWriter(); final HttpServletResponse wrapper = (HttpServletResponse) response; chain.doFilter(request, wrapper); final String origData = wrapper.getContentType(); if (LOGGER.isLoggable(Level.FINE)) { LOGGER.log(Level.FINE, "Hello"); } if ("text/html".equals(wrapper.getContentType())) { final CharArrayWriter caw = new CharArrayWriter(); final int bodyIndex = origData.indexOf("</body>"); if (-1 != bodyIndex) { caw.write(origData.substring(0, bodyIndex - 1)); caw.write("\n<p>My custom footer</p>"); caw.write("\n</body></html>"); response.setContentLength(caw.toString().length()); out.write(caw.toString()); } else { out.write(origData); } } else { out.write(origData); } out.close(); } else { chain.doFilter(request, response); } }
@Override public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain chain) throws IOException, ServletException { if (!isAllowed(HttpServletRequest.class.cast(request)) && !isSecured(request)) { final HttpServletResponse httpServletResponse = HttpServletResponse.class.cast(response); httpServletResponse.setStatus(HttpServletResponse.SC_FORBIDDEN); httpServletResponse.setContentType("application/json"); response.getWriter().write("{}"); return; } chain.doFilter(request, response); }
@Override public void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { AsyncContext context = req.startAsync(); PrintWriter out = context.getResponse().getWriter(); out.print("foo"); out.close(); } }
@Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { String wa = request.getParameter(FederationConstants.PARAM_ACTION); if (FederationConstants.ACTION_SIGNOUT_CLEANUP.equals(wa)) { if (request instanceof HttpServletRequest) { ((HttpServletRequest)request).getSession().invalidate(); } final ServletOutputStream responseOutputStream = response.getOutputStream(); InputStream inputStream = this.getClass().getClassLoader().getResourceAsStream("logout.jpg"); if (inputStream == null) { LOG.warn("Could not write logout.jpg"); return; } int read = 0; byte[] buf = new byte[1024]; while ((read = inputStream.read(buf)) != -1) { responseOutputStream.write(buf, 0, read); } inputStream.close(); responseOutputStream.flush(); } else { chain.doFilter(request, response); } } }
/** * Services this request in the same way as it would be serviced if configured * as a Servlet. Does not invoke any filters further down the chain. See the * class-level comment for the reason why this servlet might be configured as a * filter. */ @Override public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain chain) throws IOException, ServletException { if (Math.random() > 0.7d) { // response.setStatus(404); response.getWriter().println("The chaos monkey strikes again!"); response.flushBuffer(); } else { super.doFilter(request, response, chain); } } }