private <P extends Message> void serializeObjectToServlet(P message, HttpServletResponse dest) throws IOException { if (message == null) { // Snapshot is null. It would be nice to 404 here, but we can't let // clients guess valid wavelet ids that they're not authorized to access. dest.sendError(HttpServletResponse.SC_FORBIDDEN); } else { dest.setStatus(HttpServletResponse.SC_OK); dest.setContentType("application/json"); // This is a hack to make sure the fetched data is fresh. // TODO(josephg): Change this so that browsers can cache wave snapshots. Probably need: // 'Cache-Control: must-revalidate, private' and an ETag with the wave[let]'s version. dest.setHeader("Cache-Control", "no-store"); try { dest.getWriter().append(serializer.toJson(message).toString()); } catch (SerializationException e) { throw new IOException(e); } } }
/** * Writes the json with search results to Response. */ private <P extends Message> void serializeObjectToServlet(P message, HttpServletResponse resp) throws IOException { if (message == null) { resp.sendError(HttpServletResponse.SC_FORBIDDEN); } else { resp.setStatus(HttpServletResponse.SC_OK); resp.setContentType("application/json; charset=utf8"); // This is to make sure the fetched data is fresh - since the w3c spec // is rarely respected. resp.setHeader("Cache-Control", "no-store"); try { resp.getWriter().append(serializer.toJson(message).toString()); } catch (SerializationException e) { throw new IOException(e); } } } }
/** * Writes the json with profile results to Response. */ private <P extends Message> void printJson(P message, HttpServletResponse resp) throws IOException { if (message == null) { resp.setStatus(HttpServletResponse.SC_FORBIDDEN); } else { resp.setStatus(HttpServletResponse.SC_OK); resp.setContentType("application/json"); // This is to make sure the fetched data is fresh - since the w3c spec // is rarely respected. resp.setHeader("Cache-Control", "no-store"); try { // FIXME (user) Returning JSON directly from an HTTP GET is vulnerable // to XSSI attacks. Issue https://issues.apache.org/jira/browse/WAVE-135 resp.getWriter().append(serializer.toJson(message).toString()); } catch (SerializationException e) { throw new IOException(e); } } } }
info = serializer.toJson(attachmentsResponse.build()).toString(); } catch (SerializationException ex) { LOG.log(Level.SEVERE, "Attachments info serialize", ex);
/** * The fetch servlet also exposes document snapshots through a longer url * (/fetch/domain/waveid/domain/waveletid/docid). * * @throws Exception */ public void testGetDocument() throws Exception { WaveletData wavelet = waveletProvider.getHostedWavelet(); for (String docId : wavelet.getDocumentIds()) { // We currently have no way to deserialize a document. Instead, we'll // serialize the expected document and compare with what we get from the // fetch servlet. StringWriter writer = new StringWriter(); BlipData expectedDoc = wavelet.getDocument(docId); writer.append("" + protoSerializer.toJson(SnapshotSerializer.serializeDocument(expectedDoc))); String expectedResult = writer.toString(); WaveRef waveref = WaveRef.of(wavelet.getWaveId(), wavelet.getWaveletId(), docId); String actualResult = fetchWaveRef(waveref); assertEquals(expectedResult, actualResult); } }
/** * The fetch servlet also exposes document snapshots through a longer url * (/fetch/domain/waveid/domain/waveletid/docid). * * @throws Exception */ public void testGetDocument() throws Exception { WaveletData wavelet = waveletProvider.getHostedWavelet(); for (String docId : wavelet.getDocumentIds()) { // We currently have no way to deserialize a document. Instead, we'll // serialize the expected document and compare with what we get from the // fetch servlet. StringWriter writer = new StringWriter(); BlipData expectedDoc = wavelet.getDocument(docId); writer.append("" + protoSerializer.toJson(SnapshotSerializer.serializeDocument(expectedDoc))); String expectedResult = writer.toString(); WaveRef waveref = WaveRef.of(wavelet.getWaveId(), wavelet.getWaveletId(), docId); String actualResult = fetchWaveRef(waveref); assertEquals(expectedResult, actualResult); } }
@Override public void sendMessage(int sequenceNo, Message message) { JsonElement json; String str; Timer timer = Timing.start("serializeMessage"); try { json = serializer.toJson(message); String type = message.getDescriptorForType().getName(); str = MessageWrapper.serialize(type, sequenceNo, json); } catch (SerializationException e) { LOG.warning("Failed to JSONify proto message", e); return; } finally { Timing.stop(timer); } try { sendMessageString(str); LOG.fine("sent JSON message over websocket, sequence number " + sequenceNo + ", message " + message); } catch (IOException e) { // TODO(anorth): This failure should be communicated to the caller // so it can attempt retransmission. LOG.warning("Failed to transmit message on socket, sequence number " + sequenceNo + ", message " + message, e); return; } } }