Refine search
@Override public void filter(ContainerRequestContext request, ContainerResponseContext response) throws IOException { if (!response.hasEntity()) { return; List<String> varyHeader = response.getStringHeaders().get(HttpHeaders.VARY); if (varyHeader == null || !varyHeader.contains(HttpHeaders.ACCEPT_ENCODING)) { response.getHeaders().add(HttpHeaders.VARY, HttpHeaders.ACCEPT_ENCODING); if (response.getHeaders().getFirst(HttpHeaders.CONTENT_ENCODING) != null) { return; List<String> acceptEncoding = request.getHeaders().get(HttpHeaders.ACCEPT_ENCODING); response.getHeaders().putSingle(HttpHeaders.CONTENT_ENCODING, contentEncoding);
@Override public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException { // we have already added the necessary headers for OPTIONS requests below if ("options".equalsIgnoreCase(requestContext.getRequest().getMethod())) { if(Response.Status.Family.familyOf(responseContext.getStatus()) == Response.Status.Family.SUCCESSFUL) { return; } responseContext.setStatus(Response.Status.NO_CONTENT.getStatusCode()); responseContext.setEntity(""); } String origin = requestContext.getHeaders().getFirst("Origin"); if (origin != null && !origin.isEmpty()) { responseContext.getHeaders().add("Access-Control-Allow-Origin", origin); responseContext.getHeaders().add("Access-Control-Allow-Credentials", true); responseContext.getHeaders().add("Access-Control-Allow-Headers", "Authorization, Content-Type, X-Graylog-No-Session-Extension, X-Requested-With, X-Requested-By"); responseContext.getHeaders().add("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS"); // In order to avoid redoing the preflight thingy for every request, see http://stackoverflow.com/a/12021982/1088469 responseContext.getHeaders().add("Access-Control-Max-Age", "600"); // 10 minutes seems to be the maximum allowable value } }
@Override public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException { if (responseContext.hasEntity()) { Exception e = (Exception) responseContext.getEntity(); if (exceptionClass.isAssignableFrom(e.getClass()) || (e.getCause() != null && exceptionClass.isAssignableFrom(e.getCause().getClass()))) { meter.mark(); } responseContext.setEntity(null); responseContext.getHeaders().add("X-Exceptions-Thrown", e.toString() + " : " + meter.getCount()); } } }
@Override public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException { if (responseContext.getStatusInfo().equals(Response.Status.UNAUTHORIZED)) { final String requestedWith = requestContext.getHeaderString(HttpHeaders.X_REQUESTED_WITH); if ("XMLHttpRequest".equalsIgnoreCase(requestedWith)) { responseContext.getHeaders().remove(HttpHeaders.WWW_AUTHENTICATE); } } } }
@Override public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException { System.out.println("WebApplicationExceptionFilter.postFilter() enter"); if (responseContext.hasEntity() && responseContext.getEntity().equals("Response Exception")) { throw new WebApplicationException(Response.Status.OK); } System.out.println("WebApplicationExceptionFilter.postFilter() exit"); } }
@Override public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException { // Add no-cache to XMLHttpRequests, to avoid browsers caching results String requestedWith = requestContext.getHeaders().getFirst("X-Requested-With"); if ("XMLHttpRequest".equals(requestedWith)) { responseContext.getHeaders().add("Cache-Control", "no-cache"); } } }
@Override public void filter(final ContainerRequestContext request, final ContainerResponseContext response) throws IOException { String id = request.getHeaderString(REQUEST_ID); if (Strings.isNullOrEmpty(id)) { id = generateRandomUuid().toString(); } logger.trace("method={} path={} request_id={} status={} length={}", request.getMethod(), request.getUriInfo().getPath(), id, response.getStatus(), response.getLength()); response.getHeaders().putSingle(REQUEST_ID, id); }
@Override public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException { final Response.StatusType responseStatus = responseContext.getStatusInfo(); final String requestPath = requestContext.getUriInfo().getAbsolutePath().getPath(); final List<MediaType> acceptableMediaTypes = requestContext.getAcceptableMediaTypes(); final boolean acceptsHtml = acceptableMediaTypes.stream() .anyMatch(mediaType -> mediaType.isCompatible(MediaType.TEXT_HTML_TYPE) || mediaType.isCompatible(MediaType.APPLICATION_XHTML_XML_TYPE)); final boolean isGetRequest = "get".equalsIgnoreCase(requestContext.getMethod()); if (isGetRequest && responseStatus == Response.Status.NOT_FOUND && acceptsHtml && !requestPath.startsWith("/" + HttpConfiguration.PATH_API)) { final String entity = indexHtmlGenerator.get(requestContext.getHeaders()); responseContext.setStatusInfo(Response.Status.OK); responseContext.setEntity(entity, new Annotation[0], MediaType.TEXT_HTML_TYPE); responseContext.getHeaders().putSingle("X-UA-Compatible", "IE=edge"); } } }
@Override public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException { final Timer.Context context = (Timer.Context) requestContext.getProperty("metricsTimerContext"); if (context == null) return; final long elapsedNanos = context.stop(); responseContext.getHeaders().add("X-Runtime-Microseconds", TimeUnit.NANOSECONDS.toMicros(elapsedNanos)); } }
@Override public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException { if (!cacheResponseHeader.isEmpty()) { responseContext.getHeaders().add(HttpHeaders.CACHE_CONTROL, cacheResponseHeader); } }
@Override public void filter(final ContainerRequestContext requestContext, final ContainerResponseContext responseContext) throws IOException { if (!logger.isLoggable(level)) { return; } final Object requestId = requestContext.getProperty(LOGGING_ID_PROPERTY); final long id = requestId != null ? (Long) requestId : _id.incrementAndGet(); final StringBuilder b = new StringBuilder(); printResponseLine(b, "Server responded with a response", id, responseContext.getStatus()); printPrefixedHeaders(b, id, RESPONSE_PREFIX, responseContext.getStringHeaders()); if (responseContext.hasEntity() && printEntity(verbosity, responseContext.getMediaType())) { final OutputStream stream = new LoggingStream(b, responseContext.getEntityStream()); responseContext.setEntityStream(stream); requestContext.setProperty(ENTITY_LOGGER_PROPERTY, stream); // not calling log(b) here - it will be called by the interceptor } else { log(b); } } }
@Override public void filter(ContainerRequestContext request, ContainerResponseContext response) throws IOException { if (!response.getHeaders().containsKey(HttpHeaderNames.ACCESS_CONTROL_ALLOW_HEADERS.toString())) { response.getHeaders().add(HttpHeaderNames.ACCESS_CONTROL_ALLOW_HEADERS.toString(), HEADERS_ALL); } if (!response.getHeaders().containsKey(HttpHeaderNames.ACCESS_CONTROL_ALLOW_CREDENTIALS.toString())) { response.getHeaders().add(HttpHeaderNames.ACCESS_CONTROL_ALLOW_CREDENTIALS.toString(), true); } if (!response.getHeaders().containsKey(HttpHeaderNames.ACCESS_CONTROL_ALLOW_METHODS.toString())) { response.getHeaders().add(HttpHeaderNames.ACCESS_CONTROL_ALLOW_METHODS.toString(), METHODS_ALL); } if (!response.getHeaders().containsKey(HttpHeaderNames.ACCESS_CONTROL_ALLOW_ORIGIN.toString())) { String origin = request.getHeaderString(HttpHeaderNames.ORIGIN.toString()); String allowed = Context.getConfig().getString("web.origin"); if (origin == null) { response.getHeaders().add(HttpHeaderNames.ACCESS_CONTROL_ALLOW_ORIGIN.toString(), ORIGIN_ALL); } else if (allowed == null || allowed.equals(ORIGIN_ALL) || allowed.contains(origin)) { response.getHeaders().add(HttpHeaderNames.ACCESS_CONTROL_ALLOW_ORIGIN.toString(), origin); } } }
@Override public void filter(final ContainerRequestContext requestContext, final ContainerResponseContext responseContext) throws IOException { if (HttpMethod.OPTIONS.equals(requestContext.getMethod())) { final MultivaluedMap<String, Object> headers = responseContext.getHeaders(); if (!headers.containsKey(ACCEPT_PATCH_HEADER)) { headers.putSingle(ACCEPT_PATCH_HEADER, MediaType.APPLICATION_JSON_PATCH_JSON); } } } }
/** * CORS response filter. Allow requests from anywhere. * Just echo back the contents of the Origin header. * Allow credentials if the transport layer is secure. */ @Override public void filter(ContainerRequestContext request, ContainerResponseContext response) throws IOException { String origin = request.getHeaderString("Origin"); // case insensitive MultivaluedMap<String, Object> headers = response.getHeaders(); headers.add("Access-Control-Allow-Origin", origin); boolean secureTransport = request.getSecurityContext().isSecure(); headers.add("Access-Control-Allow-Credentials", secureTransport); }
@Override public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException { ResteasyDeployment deployment = ResteasyContext.getContextData(ResteasyDeployment.class); if (deployment != null) { Boolean disable = (Boolean) deployment.getProperty(ResteasyContextParameters.RESTEASY_DISABLE_HTML_SANITIZER); if (disable != null && disable) { return; } } if (HttpResponseCodes.SC_BAD_REQUEST == responseContext.getStatus()) { Object entity = responseContext.getEntity(); if (entity != null && entity instanceof String) { ArrayList<Object> contentTypes = (ArrayList<Object>)responseContext.getHeaders().get("Content-Type"); if (contentTypes != null && containsHtmlText(contentTypes)) { String escapedMsg = escapeXml((String) entity); responseContext.setEntity(escapedMsg); } } } }
@Override public void filter(ContainerRequestContext containerRequestContext, ContainerResponseContext containerResponseContext) throws IOException { String method = containerRequestContext.getRequest().getMethod(); if (method.equals("POST") && containerResponseContext.getStatus() == Response.Status.OK.getStatusCode()) { containerResponseContext.setStatus(Response.Status.CREATED.getStatusCode()); RestEntity entity = (RestEntity) containerResponseContext.getEntity(); String id = entity.getId(); containerResponseContext.getHeaders().add("Location", containerRequestContext.getUriInfo().getAbsolutePathBuilder().path(id).build().toString()); } //containerResponseContext.getHeaders().put("Location") } }
@Override public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException { String clientId = requestContext.getHeaderString("X-Client"); if (flowController.isTooManyRequests(clientId)) { responseContext.getHeaders().add("X-FlowControl", "slowdown"); } Transaction.close(requestContext.getProperty(TRANSACTION), responseContext.getStatus() >= 500); } }
@Override public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException { if (responseContext.getStatus() == 200) { responseContext.getHeaders().putSingle(HttpHeaders.CACHE_CONTROL, cacheControl); } } }
@Override public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException { String origin = requestContext.getHeaderString(CorsHeaders.ORIGIN); if (origin == null || requestContext.getMethod().equalsIgnoreCase("OPTIONS") || requestContext.getProperty("cors.failure") != null) { // don't do anything if origin is null, its an OPTIONS request, or cors.failure is set return; } responseContext.getHeaders().putSingle(CorsHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, origin); responseContext.getHeaders().putSingle(CorsHeaders.VARY, CorsHeaders.ORIGIN); if (allowCredentials) responseContext.getHeaders().putSingle(CorsHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true"); if (exposedHeaders != null) { responseContext.getHeaders().putSingle(CorsHeaders.ACCESS_CONTROL_EXPOSE_HEADERS, exposedHeaders); } }