Package org.jboss.aerogear.io.netty.handler.codec.sockjs.handler

Source Code of org.jboss.aerogear.io.netty.handler.codec.sockjs.handler.CorsInboundHandler

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
/*
* Copyright 2013 The Netty Project
*
* The Netty Project licenses this file to you under the Apache License, version
* 2.0 (the "License"); you may not use this file except in compliance with the
* License. You may obtain a copy of the License at:
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations under
* the License.
*/
package org.jboss.aerogear.io.netty.handler.codec.sockjs.handler;

import static io.netty.handler.codec.http.HttpHeaders.Names.ACCESS_CONTROL_ALLOW_CREDENTIALS;
import static io.netty.handler.codec.http.HttpHeaders.Names.ACCESS_CONTROL_ALLOW_HEADERS;
import static io.netty.handler.codec.http.HttpHeaders.Names.ACCESS_CONTROL_ALLOW_METHODS;
import static io.netty.handler.codec.http.HttpHeaders.Names.ACCESS_CONTROL_ALLOW_ORIGIN;
import static io.netty.handler.codec.http.HttpHeaders.Names.ACCESS_CONTROL_MAX_AGE;
import static io.netty.handler.codec.http.HttpHeaders.Names.ACCESS_CONTROL_REQUEST_HEADERS;
import static io.netty.handler.codec.http.HttpHeaders.Names.CACHE_CONTROL;
import static io.netty.handler.codec.http.HttpHeaders.Names.CONTENT_TYPE;
import static io.netty.handler.codec.http.HttpHeaders.Names.EXPIRES;
import static io.netty.handler.codec.http.HttpHeaders.Names.ORIGIN;
import static io.netty.handler.codec.http.HttpHeaders.Names.SET_COOKIE;
import static io.netty.handler.codec.http.HttpResponseStatus.NO_CONTENT;
import io.netty.channel.ChannelHandlerContext;
import io.netty.channel.SimpleChannelInboundHandler;
import io.netty.handler.codec.http.DefaultHttpResponse;
import io.netty.handler.codec.http.HttpHeaders;
import io.netty.handler.codec.http.HttpMethod;
import io.netty.handler.codec.http.HttpRequest;
import io.netty.handler.codec.http.HttpResponse;
import org.jboss.aerogear.io.netty.handler.codec.sockjs.transport.Transports;
import io.netty.util.AttributeKey;
import io.netty.util.ReferenceCountUtil;

/**
* Handles CORS preflight requests for the sockjs-protocol.
*
*/
public class CorsInboundHandler extends SimpleChannelInboundHandler<HttpRequest> {

    static final AttributeKey<CorsMetadata> CORS = AttributeKey.valueOf("cors.metadata");

    @Override
    public void messageReceived(final ChannelHandlerContext ctx, final HttpRequest request) throws Exception {
        final CorsMetadata metadata = extractCorsMetadata(request);
        if (isPreflightRequest(request)) {
            handlePreflight(ctx, metadata, request);
        } else {
            ctx.channel().attr(CORS).set(metadata);
            ctx.fireChannelRead(ReferenceCountUtil.retain(request));
        }
    }

    private static void handlePreflight(final ChannelHandlerContext ctx, final CorsMetadata md,
                                        final HttpRequest request) {
        final HttpResponse response = new DefaultHttpResponse(request.getProtocolVersion(), NO_CONTENT);
        final HttpHeaders headers = response.headers();
        headers.set(CONTENT_TYPE, Transports.CONTENT_TYPE_PLAIN);
        headers.set(CACHE_CONTROL, "max-age=31536000, public");
        headers.set(ACCESS_CONTROL_ALLOW_ORIGIN, md.origin());
        headers.set(ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
        headers.set(ACCESS_CONTROL_MAX_AGE, "31536000");
        if (isPollingTransport(request.getUri())) {
            headers.set(ACCESS_CONTROL_ALLOW_METHODS, "OPTIONS, POST");
        } else {
            headers.set(ACCESS_CONTROL_ALLOW_METHODS, "OPTIONS, GET");
        }
        headers.set(ACCESS_CONTROL_ALLOW_HEADERS, "Content-Type");
        headers.set(ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
        headers.set(EXPIRES, "dummy");
        headers.set(SET_COOKIE, Transports.DEFAULT_COOKIE);
        ctx.writeAndFlush(response);
    }

    private static boolean isPollingTransport(final String uri) {
        return uri.contains(Transports.Type.XHR.path());
    }

    private static boolean isPreflightRequest(final HttpRequest request) {
        return request.getMethod().equals(HttpMethod.OPTIONS);
    }

    private static CorsMetadata extractCorsMetadata(final HttpRequest request) {
        final String origin = request.headers().get(ORIGIN);
        final String headers = request.headers().get(ACCESS_CONTROL_REQUEST_HEADERS);
        return new CorsMetadata(origin, headers);
    }

}
TOP

Related Classes of org.jboss.aerogear.io.netty.handler.codec.sockjs.handler.CorsInboundHandler

  • io.netty.handler.codec.http.DefaultHttpResponse
  • io.netty.handler.codec.http.HttpHeaders
  • io.netty.handler.codec.http.HttpResponse
  • org.jboss.aerogear.io.netty.handler.codec.sockjs.protocol.SockJsProtocolTest
  • org.jboss.aerogear.io.netty.handler.codec.sockjs.SockJsChannelInitializer
  • org.jboss.aerogear.io.netty.handler.codec.sockjs.util.ChannelUtil
  • org.jboss.aerogear.simplepush.server.netty.SimplePushSockJSServiceTest
  • org.jboss.aerogear.simplepush.server.netty.SockJSChannelInitializer
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.