@Override public void visitEnd() { super.visitEnd(); if (isUtil) { return; } if (httpMethods.isEmpty()) { // start(*) match httpMethods.addAll(H.Method.actionMethods()); } final List<Router> routers = routers(); if (!noDefPath && paths.isEmpty()) { paths.add(""); } /* * Note we need to schedule route registration after all app code scanned because we need the * parent context information be set on class meta info, which is done after controller scanning */ app().jobManager().on(SysEventId.APP_CODE_SCANNED, "ActionAnnotationVisitor:registerRoute-" + registerRouteTaskCounter.getAndIncrement(), new RouteRegister(envMatched, httpMethods, paths, methodName, routers, classInfo, classInfo.isAbstract() && !isStatic, isVirtual)); }
if (method.unsafe() || !requestHandler.express(ctx)) { dispatcher.dispatch(job); } else {
if (Act.isProd() && v instanceof Versioned && req.method().safe()) { processEtag(meta, v, context, req);
if (method.unsafe() || !requestHandler.express(ctx)) { dispatcher.dispatch(job); } else {
if (Act.isProd() && v instanceof Versioned && req.method().safe()) { processEtag(meta, v, context, req);
H.Request req = context.req(); H.Method method = req.method(); String methodInfo = S.concat(method.name(), " method to "); String acceptHeader = req.header(H.Header.Names.ACCEPT); throw E.unsupport(S.concat(
H.Request req = context.req(); H.Method method = req.method(); String methodInfo = S.concat(method.name(), " method to "); String acceptHeader = req.header(H.Header.Names.ACCEPT); throw E.unsupport(S.concat(
router.addContext(action.toString(), path); } else { H.Method m = H.Method.valueOfIgnoreCase(method); router.addMapping(m, path, action.toString(), RouteSource.ROUTE_TABLE);
router.addContext(action.toString(), path); } else { H.Method m = H.Method.valueOfIgnoreCase(method); router.addMapping(m, path, action.toString(), RouteSource.ROUTE_TABLE);
/** * Do sanity check to see if CSRF token is present. This method * is called before session resolved * * @param context the current context */ public void preCheck(ActionContext context) { if (!enabled) { return; } H.Method method = context.req().method(); if (method.safe()) { return; } String token = retrieveCsrfToken(context); if (S.blank(token)) { raiseCsrfNotVerified(context); } }
@Inject private ActionContext(App app, H.Request request, ActResponse<?> response) { super(app); E.NPE(app, request, response); request.context(this); response.context(this); this.request = request; this.response = response; this.accessLog = app.config().traceRequests() ? Trace.AccessLog.create(request) : null; this._init(); this.state = State.CREATED; AppConfig config = app.config(); this.disableCors = !config.corsEnabled(); this.disableCsrf = req().method().safe(); this.sessionKeyUsername = config.sessionKeyUsername(); this.sessionPassThrough = config.sessionPassThrough(); this.localeResolver = new LocaleResolver(this); this.sessionManager = app.sessionManager(); }
private void preventDoubleSubmission(ActionContext context) { if (null == dspToken) { return; } H.Request req = context.req(); if (req.method().safe()) { return; } String tokenValue = context.paramVal(dspToken); if (S.blank(tokenValue)) { return; } H.Session session = context.session(); String cacheKey = S.concat("DSP-", dspToken); String cached = session.cached(cacheKey); if (S.eq(tokenValue, cached)) { throw Conflict.get(); } session.cacheFor1Min(cacheKey, tokenValue); }
private void preventDoubleSubmission(ActionContext context) { if (null == dspToken) { return; } H.Request req = context.req(); if (req.method().safe()) { return; } String tokenValue = context.paramVal(dspToken); if (S.blank(tokenValue)) { return; } H.Session session = context.session(); String cacheKey = S.concat("DSP-", dspToken); String cached = session.cached(cacheKey); if (S.eq(tokenValue, cached)) { throw Conflict.get(); } session.cacheFor1Min(cacheKey, tokenValue); }
/** * Do sanity check to see if CSRF token is present. This method * is called before session resolved * * @param context the current context */ public void preCheck(ActionContext context) { if (!enabled) { return; } H.Method method = context.req().method(); if (method.safe()) { return; } String token = retrieveCsrfToken(context); if (S.blank(token)) { raiseCsrfNotVerified(context); } }
@Inject private ActionContext(App app, H.Request request, ActResponse<?> response) { super(app); E.NPE(app, request, response); request.context(this); response.context(this); this.request = request; this.response = response; this.accessLog = app.config().traceRequests() ? Trace.AccessLog.create(request) : null; this._init(); this.state = State.CREATED; AppConfig config = app.config(); this.disableCors = !config.corsEnabled(); this.disableCsrf = req().method().safe(); this.sessionKeyUsername = config.sessionKeyUsername(); this.sessionPassThrough = config.sessionPassThrough(); this.localeResolver = new LocaleResolver(this); this.sessionManager = app.sessionManager(); }
@Override public H.Method method() { if (null == method) { method = _method(); if (method == H.Method.POST) { // check the method overload String s = header(H.Header.Names.X_HTTP_METHOD_OVERRIDE); if (S.blank(s)) { s = paramVal("_method"); // Spring convention } if (S.notBlank(s)) { method = H.Method.valueOfIgnoreCase(s); } } } return method; }