SHA1
--- a/pom.xml
+++ b/pom.xml
@@ -3,7 +3,7 @@
 
				     <groupId>cz.hsrs.maplog</groupId>

			
 
				     <artifactId>DBService</artifactId>

			
 
				     <packaging>war</packaging>

			
 
				-    <version>1.3.5-SNAPSHOT</version>

			
 
				+    <version>15</version>

			
 
				     <name>dbservice Maven Webapp</name>

			
 
				     <url>http://maven.apache.org</url>

			
 
				 

			
--- a/src/main/java/cz/hsrs/rest/util/CorsFilter.java
+++ b/src/main/java/cz/hsrs/rest/util/CorsFilter.java
@@ -4,6 +4,11 @@ import javax.ws.rs.container.ContainerRequestContext;
 
				 import javax.ws.rs.container.ContainerResponseContext;

			
 
				 import javax.ws.rs.container.ContainerResponseFilter;

			
 
				 

			
 
				+/**

			
 
				+ * CORS filter for REST services

			
 
				+ * @author mkepka

			
 
				+ *

			
 
				+ */

			
 
				 public class CorsFilter implements ContainerResponseFilter {

			
 
				 

			
 
				     @Override

			
@@ -16,7 +21,9 @@ public class CorsFilter implements ContainerResponseFilter {
 
				             responseContext.getHeaders().add("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS, HEAD");

			
 
				         }

			
 
				         else {

			
 
				+        	responseContext.getHeaders().add("Access-Control-Allow-Origin", "*");

			
 
				         	responseContext.getHeaders().add("Access-Control-Allow-Headers", "origin, content-type, accept, authorization");

			
 
				+        	responseContext.getHeaders().add("Access-Control-Allow-Credentials", "true");

			
 
				         	responseContext.getHeaders().add("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS, HEAD");

			
 
				         }

			
 
				     }

			
--- a/src/main/java/cz/hsrs/servlet/security/ControllerServlet.java
+++ b/src/main/java/cz/hsrs/servlet/security/ControllerServlet.java
@@ -34,7 +34,7 @@ public class ControllerServlet extends DBServlet {
 
				         /** Session je prazdna... Uzivatel se musi nalogovat */

			
 
				         LoginUser user = new LoginUser(req);

			
 
				 

			
 
				-        /*tests if request came from GUI or from light REST client*/

			
 
				+        /* tests if request came from GUI or from light REST client*/

			
 
				         String coming = req.getParameter("coming");

			
 
				         

			
 
				         if (user.athenticate(req.getParameter("username"), req.getParameter("password"))) {

			
@@ -51,6 +51,7 @@ public class ControllerServlet extends DBServlet {
 
				             resp.addCookie(langcookie);

			
 
				             resp.addCookie(audiocookie);

			
 
				             

			
 
				+            /* request from MapLog GUI */ 

			
 
				             if(coming != null){

			
 
				                 if (coming.equalsIgnoreCase("null") == false){

			
 
				                     if(coming.equalsIgnoreCase("/insert.jsp") == true){

			
@@ -67,12 +68,16 @@ public class ControllerServlet extends DBServlet {
 
				                     JSPHelper.redirect(resp, req.getContextPath() + "/crossroad.jsp");

			
 
				                 }

			
 
				             }

			
 
				-            /** request doesn't contain coming parameter - came from REST client*/

			
 
				+            /* request doesn't contain coming parameter - came from REST client */

			
 
				             else{

			
 
				-                String originDomain = req.getHeader("Origin");

			
 
				-                originDomain = originDomain == null ? req.getScheme() + ":\\\\" + req.getServerName() : "*";

			
 
				+                String originDomain = req.getHeader("origin");

			
 
				+                //originDomain = originDomain == null ? "*" : req.getScheme() + ":\\\\" + req.getServerName();

			
 
				+                originDomain = originDomain == null ? "*" : originDomain;

			
 
				                 resp.setStatus(200);

			
 
				                 resp.setHeader("Access-Control-Allow-Origin", originDomain);

			
 
				+                resp.setHeader("Access-Control-Allow-Headers", "origin, content-type, accept, authorization");

			
 
				+                resp.setHeader("Access-Control-Allow-Credentials", "true");

			
 
				+                resp.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS, HEAD");

			
 
				                 resp.setHeader("Content-Type", "application/json; charset=utf-8");

			
 
				                 resp.getWriter().println("{\"sessionid\":\""+req.getSession().getId()+"\", \"language\":\""+user.getUserLanguage()+"\", \"audio\":\"" + user.isAudio() + "\", \"rightsID\":"+user.getRightsId()+"}");

			
 
				             }

			
@@ -86,7 +91,9 @@ public class ControllerServlet extends DBServlet {
 
				                 /** Login prichazi z REST klienta, vrat jen zpravu*/

			
 
				             } else{

			
 
				                 resp.setStatus(401);

			
 
				-                resp.setHeader("Access-Control-Allow-Origin", "*");

			
 
				+                String originDomain = req.getHeader("origin");

			
 
				+                originDomain = originDomain == null ? "*" : req.getScheme() + ":\\\\" + req.getServerName();

			
 
				+                resp.setHeader("Access-Control-Allow-Origin", originDomain);

			
 
				                 resp.setHeader("Content-Type", "text/plain; charset=utf-8");

			
 
				                 resp.getWriter().println("Wrong username or password!");

			
 
				             }
作者	SHA1 備註	提交日期
mkepka	9a7e926401 Merge branch 'master' of https://git.lesprojekt.cz/luccerny/senslog1.git	4 年之前
mkepka	e38a5f8a3b FIX CORS header	4 年之前