@Override public boolean checkOrigin(String originHeaderValue) { log.trace("checkOrigin: {}", originHeaderValue); return super.checkOrigin(originHeaderValue); }
if (!sec.getConfigurator().checkOrigin(origin)) { resp.sendError(HttpServletResponse.SC_FORBIDDEN); return;
if (!sec.getConfigurator().checkOrigin(origin)) { resp.sendError(HttpServletResponse.SC_FORBIDDEN); return;
if (!sec.getConfigurator().checkOrigin(origin)) { resp.sendError(HttpServletResponse.SC_FORBIDDEN); return;
if (!sec.getConfigurator().checkOrigin(origin)) { resp.sendError(HttpServletResponse.SC_FORBIDDEN); return;
if (!sec.getConfigurator().checkOrigin(origin)) { resp.sendError(HttpServletResponse.SC_FORBIDDEN); return;
if (!configurator.checkOrigin(req.getOrigin()))
/** * Server side check for protocol specific information to determine whether the request can be upgraded. * <p> * The default implementation will check for the presence of the * {@code Upgrade} header with a value of {@code WebSocket}. * * @param request received {@link UpgradeRequest}. * @return {@code true} if the request should be upgraded to a WebSocket connection. * @throws HandshakeException when origin verification check returns {@code false}. */ final boolean upgrade(UpgradeRequest request) throws HandshakeException { final String upgradeHeader = request.getHeader(UpgradeRequest.UPGRADE); if (request.getHeaders().get(UpgradeRequest.UPGRADE) != null // RFC 6455, paragraph 4.2.1.3 && UpgradeRequest.WEBSOCKET.equalsIgnoreCase(upgradeHeader)) { if (!(configuration instanceof ServerEndpointConfig)) { return false; } if (configurator.checkOrigin(request.getHeader("Origin"))) { return true; } else { throw new HandshakeException(403, LocalizationMessages.ORIGIN_NOT_VERIFIED()); } } return false; }
/** * Server side check for protocol specific information to determine whether the request can be upgraded. * <p> * The default implementation will check for the presence of the * {@code Upgrade} header with a value of {@code WebSocket}. * * @param request received {@link UpgradeRequest}. * @return {@code true} if the request should be upgraded to a WebSocket connection. * @throws HandshakeException when origin verification check returns {@code false}. */ final boolean upgrade(UpgradeRequest request) throws HandshakeException { final String upgradeHeader = request.getHeader(UpgradeRequest.UPGRADE); if (request.getHeaders().get(UpgradeRequest.UPGRADE) != null // RFC 6455, paragraph 4.2.1.3 && UpgradeRequest.WEBSOCKET.equalsIgnoreCase(upgradeHeader)) { if (!(configuration instanceof ServerEndpointConfig)) { return false; } if (configurator.checkOrigin(request.getHeader("Origin"))) { return true; } else { throw new HandshakeException(403, LocalizationMessages.ORIGIN_NOT_VERIFIED()); } } return false; }
/** * Check the value of the Origin header (<a href="http://tools.ietf.org/html/rfc6454">See Origin Header</a>) the client passed during the opening * handshake. * * <p>The platform default implementation of this method makes a check of the * validity of the Origin header sent along with * the opening handshake following the recommendation at: * <a href="http://tools.ietf.org/html/rfc6455#section-4.2">Sending * the Server's Opening Handshake</a>. * * @param originHeaderValue the value of the origin header passed * by the client. * @return whether the check passed or not */ public boolean checkOrigin(String originHeaderValue) { return this.getContainerDefaultConfigurator().checkOrigin(originHeaderValue); }
/** * Check the value of the Origin header (<a href="http://tools.ietf.org/html/rfc6454">See Origin Header</a>) the client passed during the opening * handshake. * * <p>The platform default implementation of this method makes a check of the * validity of the Origin header sent along with * the opening handshake following the recommendation at: * <a href="http://tools.ietf.org/html/rfc6455#section-4.2">Sending * the Server's Opening Handshake</a>. * * @param originHeaderValue the value of the origin header passed * by the client. * @return whether the check passed or not */ public boolean checkOrigin(String originHeaderValue) { return this.getContainerDefaultConfigurator().checkOrigin(originHeaderValue); }
/** * Check the value of the Origin header (<a href="http://tools.ietf.org/html/rfc6454">See Origin Header</a>) the * client passed during the opening handshake. * * <p> * The platform default implementation of this method makes a check of the validity of the Origin header sent * along with the opening handshake following the recommendation at: * <a href="http://tools.ietf.org/html/rfc6455#section-4.2">Sending the Server's Opening Handshake</a>. * * @param originHeaderValue the value of the origin header passed by the client. * @return whether the check passed or not */ public boolean checkOrigin(String originHeaderValue) { return this.getContainerDefaultConfigurator().checkOrigin(originHeaderValue); }
public boolean checkOrigin(String originHeaderValue) { return fetchContainerDefaultConfigurator().checkOrigin(originHeaderValue); }
@Override public boolean checkOrigin(String originHeaderValue) { return cfgr.checkOrigin(originHeaderValue); }
/** * Check the value of the Origin header (<a href="http://tools.ietf.org/html/rfc6454">See Origin Header</a>) the client passed during the opening * handshake. * * <p>The platform default implementation of this method makes a check of the * validity of the Origin header sent along with * the opening handshake following the recommendation at: * <a href="http://tools.ietf.org/html/rfc6455#section-4.2">Sending * the Server's Opening Handshake</a>. * * @param originHeaderValue the value of the origin header passed * by the client. * @return whether the check passed or not */ public boolean checkOrigin(String originHeaderValue) { return this.getContainerDefaultConfigurator().checkOrigin(originHeaderValue); }
/** * Check the value of the Origin header (<a href="http://tools.ietf.org/html/rfc6454">See Origin Header</a>) the client passed during the opening * handshake. * * <p>The platform default implementation of this method makes a check of the * validity of the Origin header sent along with * the opening handshake following the recommendation at: * <a href="http://tools.ietf.org/html/rfc6455#section-4.2">Sending * the Server's Opening Handshake</a>. * * @param originHeaderValue the value of the origin header passed * by the client. * @return whether the check passed or not */ public boolean checkOrigin(String originHeaderValue) { return this.getContainerDefaultConfigurator().checkOrigin(originHeaderValue); }
public boolean checkOrigin(String originHeaderValue) { return fetchContainerDefaultConfigurator().checkOrigin(originHeaderValue); }
@Override public boolean checkOrigin(String originHeaderValue) { return delegate.checkOrigin(originHeaderValue); }
public boolean checkOrigin(String originHeaderValue) { return fetchContainerDefaultConfigurator().checkOrigin(originHeaderValue); }
@Override public boolean checkOrigin(String originHeaderValue) { return delegate.checkOrigin(originHeaderValue); }