/** * Resolves the source URI from the request headers ({@code Origin} or {@code Referer}). * * @param containerRequest * the current container request * @return the normalized source URI. */ protected String getSourceUri(HttpServletRequest containerRequest) { String sourceUri = containerRequest.getHeader(WebRequest.HEADER_ORIGIN); if (Strings.isEmpty(sourceUri)) { sourceUri = containerRequest.getHeader(WebRequest.HEADER_REFERER); } return normalizeUri(sourceUri); }
/** * Resolves the source URI from the request headers ({@code Origin} or {@code Referer}). * * @param containerRequest * the current container request * @return the normalized source URI. */ protected String getSourceUri(HttpServletRequest containerRequest) { String sourceUri = containerRequest.getHeader(WebRequest.HEADER_ORIGIN); if (Strings.isEmpty(sourceUri)) { sourceUri = containerRequest.getHeader(WebRequest.HEADER_REFERER); } return normalizeUri(sourceUri); }
/** * Checks whether the {@code Origin} HTTP header of the request matches where the request came * from. * * @param containerRequest * the current container request * @param originHeader * the contents of the {@code Origin} HTTP header * @return {@code true} when the origin of the request matches the {@code Origin} HTTP header */ protected boolean isLocalOrigin(HttpServletRequest containerRequest, String originHeader) { // Make comparable strings from Origin and Location String origin = normalizeUri(originHeader); if (origin == null) return false; String request = getTargetUriFromRequest(containerRequest); if (request == null) return false; return origin.equalsIgnoreCase(request); }
/** * Checks whether the {@code Origin} HTTP header of the request matches where the request came * from. * * @param containerRequest * the current container request * @param originHeader * the contents of the {@code Origin} HTTP header * @return {@code true} when the origin of the request matches the {@code Origin} HTTP header */ protected boolean isLocalOrigin(HttpServletRequest containerRequest, String originHeader) { // Make comparable strings from Origin and Location String origin = normalizeUri(originHeader); if (origin == null) return false; String request = getTargetUriFromRequest(containerRequest); if (request == null) return false; return origin.equalsIgnoreCase(request); }