Skip to content
GitLab
Explore
Sign in
Register
Primary navigation
Search or go to…
Project
U
Unit
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Iterations
Wiki
Requirements
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Snippets
Locked files
Build
Pipelines
Jobs
Pipeline schedules
Test cases
Artifacts
Deploy
Releases
Package Registry
Container Registry
Model registry
Operate
Environments
Terraform modules
Monitor
Incidents
Service Desk
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Code review analytics
Issue analytics
Insights
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Terms and privacy
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
OSDU
OSDU Data Platform
System
Reference and Helper Services
Unit
Commits
4763a67d
Commit
4763a67d
authored
2 years ago
by
Rustam Lotsmanenko (EPAM)
Browse files
Options
Downloads
Patches
Plain Diff
added hsts and csp response headers
parent
79549e89
No related branches found
Branches containing commit
No related tags found
Tags containing commit
1 merge request
!158
HSTS and CSP not implemented properly(GONRG-4460)
Pipeline
#106264
passed with warnings
2 years ago
Stage: review
Stage: build
Stage: coverage
Stage: containerize
Stage: scan
Stage: deploy
Stage: integration
Changes
1
Pipelines
4
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
unit-core/src/main/java/org/opengroup/osdu/unitservice/middleware/ResponseHeaderFilter.java
+58
-0
58 additions, 0 deletions
...oup/osdu/unitservice/middleware/ResponseHeaderFilter.java
with
58 additions
and
0 deletions
unit-core/src/main/java/org/opengroup/osdu/unitservice/middleware/ResponseHeaderFilter.java
0 → 100644
+
58
−
0
View file @
4763a67d
package
org.opengroup.osdu.unitservice.middleware
;
import
java.io.IOException
;
import
java.util.Map
;
import
javax.servlet.Filter
;
import
javax.servlet.FilterChain
;
import
javax.servlet.ServletException
;
import
javax.servlet.ServletRequest
;
import
javax.servlet.ServletResponse
;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletResponse
;
import
lombok.RequiredArgsConstructor
;
import
org.apache.http.HttpStatus
;
import
org.opengroup.osdu.core.common.http.ResponseHeadersFactory
;
import
org.opengroup.osdu.core.common.model.http.DpsHeaders
;
import
org.springframework.beans.factory.annotation.Value
;
import
org.springframework.stereotype.Component
;
@Component
@RequiredArgsConstructor
public
class
ResponseHeaderFilter
implements
Filter
{
private
static
final
String
OPTIONS_STRING
=
"OPTIONS"
;
private
final
DpsHeaders
dpsHeaders
;
// defaults to * for any front-end, string must be comma-delimited if more than one domain
@Value
(
"${ACCESS_CONTROL_ALLOW_ORIGIN_DOMAINS:*}"
)
String
ACCESS_CONTROL_ALLOW_ORIGIN_DOMAINS
;
private
ResponseHeadersFactory
responseHeadersFactory
=
new
ResponseHeadersFactory
();
@Override
public
void
doFilter
(
ServletRequest
request
,
ServletResponse
response
,
FilterChain
chain
)
throws
IOException
,
ServletException
{
HttpServletRequest
httpRequest
=
(
HttpServletRequest
)
request
;
HttpServletResponse
httpResponse
=
(
HttpServletResponse
)
response
;
this
.
dpsHeaders
.
addCorrelationIdIfMissing
();
Map
<
String
,
String
>
responseHeaders
=
responseHeadersFactory
.
getResponseHeaders
(
ACCESS_CONTROL_ALLOW_ORIGIN_DOMAINS
);
for
(
Map
.
Entry
<
String
,
String
>
header
:
responseHeaders
.
entrySet
())
{
httpResponse
.
addHeader
(
header
.
getKey
(),
header
.
getValue
());
}
httpResponse
.
addHeader
(
DpsHeaders
.
CORRELATION_ID
,
this
.
dpsHeaders
.
getCorrelationId
());
if
(
httpRequest
.
getMethod
().
equalsIgnoreCase
(
OPTIONS_STRING
))
{
httpResponse
.
setStatus
(
HttpStatus
.
SC_OK
);
}
chain
.
doFilter
(
httpRequest
,
httpResponse
);
}
@Override
public
void
destroy
()
{
}
}
\ No newline at end of file
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment