public boolean isSecure() { return request.isSecure(); }
public LinkSecurity checkPageSecurity(String pageName) { if (!securityEnabled) { return request.isSecure() ? LinkSecurity.SECURE : LinkSecurity.INSECURE; } boolean securePage = isSecure(pageName); if (request.isSecure() == securePage) { return securePage ? LinkSecurity.SECURE : LinkSecurity.INSECURE; } // Return a value that will, ultimately, force an absolute URL. return securePage ? LinkSecurity.FORCE_SECURE : LinkSecurity.FORCE_INSECURE; } }
public String getSecure() { return request.isSecure() ? "secure" : "insecure"; }
private String portExtension(boolean secure) { int configuredPort = secure ? secureHostPort : hostPort; // The default for the ports is 0, which means to use Request.serverPort. That's mostly // for development. if (configuredPort <= 0 && secure == request.isSecure()) { configuredPort = request.getServerPort(); } int expectedPort = secure ? 443 : 80; if (configuredPort == expectedPort || configuredPort <= 0) { return ""; } return ":" + configuredPort; }
private boolean needsRedirect(String pageName) { if (!securityEnabled) { return false; } // We don't (at this time) redirect from secure to insecure, just from insecure to secure. if (request.isSecure()) { return false; } if (!isSecure(pageName)) { return false; } return true; }
Object onReloadRoot() throws MalformedURLException { reloadHelper.forceReload(); return new URL(baseURLSource.getBaseURL(request.isSecure())); }
protected final void train_isSecure(Request request, boolean isSecure) { expect(request.isSecure()).andReturn(isSecure).atLeastOnce(); }
@Override public void write() { Cookie cookie = new Cookie(name, value); cookie.setPath(path == null ? defaultCookiePath : path); if(domain != null) cookie.setDomain(domain); cookie.setMaxAge(maxAge == null ? defaultMaxAge : maxAge); cookie.setSecure(secure == null ? request.isSecure() : secure); cookie.setVersion(version); if (comment != null) { cookie.setComment(comment); } if (httpOnly != null) { cookie.setHttpOnly(httpOnly); } cookieSink.addCookie(cookie); }
public String constructAssetPath(String virtualFolder, String path, StreamableResource resource) throws IOException { assert InternalUtils.isNonBlank(path); assert InternalUtils.isNonBlank(virtualFolder); StringBuilder builder = new StringBuilder(); if (fullyQualified) { builder.append(baseURLSource.getBaseURL(request.isSecure())); } builder.append(prefix); builder.append(virtualFolder); builder.append('/'); // The 'z' prefix indicates a compressed resource. if (resource.getCompression() == CompressionStatus.COMPRESSED) { builder.append('z'); } builder.append(resource.getChecksum()); builder.append('/'); builder.append(path); return pathConverter.convertAssetPath(builder.toString()); }
public void reportException(Throwable exception) { rootException = exception; rootURL = baseURLSource.getBaseURL(request.isSecure()); // Capture this now ... before the gears are shifted around to make ExceptionReport the active page. failurePage = (request.getAttribute(InternalConstants.ACTIVE_PAGE_LOADED) == null) ? null : requestGlobals.getActivePageName(); }
if (prefix.equals(AssetConstants.PROTOCOL_RELATIVE)) url = (request != null && request.isSecure() ? "https:" : "http:") + expanded; url = url.replace("//:", "//"); } else
protected final void train_getBaseSource(BaseURLSource baseURLSource, Request request) { expect(request.isSecure()).andReturn(false); expect(baseURLSource.getBaseURL(false)).andReturn(""); }
@Test public void request_secure_with_x_forwarded_proto() throws Exception { HttpServletRequest sr = mockHttpServletRequest(); expect(sr.isSecure()).andReturn(false); expect(sr.getHeader(RequestImpl.X_FORWARDED_PROTO_HEADER)).andReturn("https"); replay(); Request request = new RequestImpl(sr, CHARSET, null); assertTrue(request.isSecure()); verify(); } }
@Test public void hostname_from_environment_variable() { expect(request.getServerPort()).andReturn(80).once(); expect(request.isSecure()).andReturn(false); replay(); BaseURLSource baseURLSource = new BaseURLSourceImpl(request, "$HOSTNAME", 0, 0); assertEquals(baseURLSource.getBaseURL(false), "http://" + System.getenv("HOSTNAME")); verify(); }
if (request.isSecure())
@Test public void contributed_hostname() { expect(request.getServerPort()).andReturn(80).once(); expect(request.isSecure()).andReturn(false); replay(); BaseURLSource baseURLSource = new BaseURLSourceImpl(request, "my.server.com", 0, 0); assertEquals(baseURLSource.getBaseURL(false), "http://my.server.com"); verify(); }
@Test public void secure_url_without_configured_hostports() { expect(request.isSecure()).andReturn(false).once(); replay(); BaseURLSource baseURLSource = new BaseURLSourceImpl(request, "localhost", 0, 0); // In other words, in the absense of any other configuration, it assumes that you have SSL on port 443 // and there's no need for that in the URL, since that's what the browser is going to do. assertEquals(baseURLSource.getBaseURL(true), "https://localhost"); verify(); }
if (request.isSecure())
@Test public void server_name_from_request_object() { expect(request.getServerName()).andReturn("localhost").once(); expect(request.getServerPort()).andReturn(80).once(); expect(request.isSecure()).andReturn(false); replay(); BaseURLSource baseURLSource = new BaseURLSourceImpl(request, "", 0, 0); assertEquals(baseURLSource.getBaseURL(false), "http://localhost"); verify(); }