// Force embedded images and the like to their own domain to avoid XSS
// in gadget domains.
String msg = "Embed request for url " + getParameter(request, URL_PARAM, "") +
" made to wrong domain " + host;
logger.info(msg);
throw new GadgetException(GadgetException.Code.INVALID_PARAMETER, msg);
}
HttpRequest rcr = buildHttpRequest(request);
HttpResponse results = requestPipeline.execute(rcr);
if (contentRewriterRegistry != null) {
try {
results = contentRewriterRegistry.rewriteHttpResponse(rcr, results);
} catch (RewritingException e) {
throw new GadgetException(GadgetException.Code.INTERNAL_SERVER_ERROR, e);
}
}
setResponseHeaders(request, response, results);