Diffstat (limited to 'src/main/java/org/traccar/web/WebServer.java')
-rw-r--r--src/main/java/org/traccar/web/WebServer.java42
1 files changed, 34 insertions, 8 deletions
diff --git a/src/main/java/org/traccar/web/WebServer.java b/src/main/java/org/traccar/web/WebServer.java
index 12fa80d10..44d78cd27 100644
--- a/src/main/java/org/traccar/web/WebServer.java
+++ b/src/main/java/org/traccar/web/WebServer.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2012 - 2019 Anton Tananaev (anton@traccar.org)
+ * Copyright 2012 - 2020 Anton Tananaev (anton@traccar.org)
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -15,6 +15,7 @@
*/
package org.traccar.web;
+import org.eclipse.jetty.http.HttpCookie;
import org.eclipse.jetty.http.HttpMethod;
import org.eclipse.jetty.http.HttpStatus;
import org.eclipse.jetty.proxy.AsyncProxyServlet;
@@ -32,6 +33,7 @@ import org.glassfish.jersey.server.ResourceConfig;
import org.glassfish.jersey.servlet.ServletContainer;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import org.traccar.api.DateParameterConverterProvider;
import org.traccar.config.Config;
import org.traccar.api.AsyncSocketServlet;
import org.traccar.api.CorsResponseFilter;
@@ -44,6 +46,7 @@ import org.traccar.config.Keys;
import javax.servlet.DispatcherType;
import javax.servlet.ServletException;
+import javax.servlet.SessionCookieConfig;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.File;
@@ -75,12 +78,8 @@ public class WebServer {
ServletContextHandler servletHandler = new ServletContextHandler(ServletContextHandler.SESSIONS);
- int sessionTimeout = config.getInteger("web.sessionTimeout");
- if (sessionTimeout > 0) {
- servletHandler.getSessionHandler().setMaxInactiveInterval(sessionTimeout);
- }
-
initApi(config, servletHandler);
+ initSessionConfig(config, servletHandler);
if (config.getBoolean("web.console")) {
servletHandler.addServlet(new ServletHolder(new ConsoleServlet()), "/console/*");
@@ -161,12 +160,39 @@ public class WebServer {
}
ResourceConfig resourceConfig = new ResourceConfig();
- resourceConfig.registerClasses(JacksonFeature.class, ObjectMapperProvider.class, ResourceErrorHandler.class);
- resourceConfig.registerClasses(SecurityRequestFilter.class, CorsResponseFilter.class);
+ resourceConfig.registerClasses(
+ JacksonFeature.class, ObjectMapperProvider.class, ResourceErrorHandler.class,
+ SecurityRequestFilter.class, CorsResponseFilter.class, DateParameterConverterProvider.class);
resourceConfig.packages(ServerResource.class.getPackage().getName());
servletHandler.addServlet(new ServletHolder(new ServletContainer(resourceConfig)), "/api/*");
}
+ private void initSessionConfig(Config config, ServletContextHandler servletHandler) {
+ int sessionTimeout = config.getInteger("web.sessionTimeout");
+ if (sessionTimeout > 0) {
+ servletHandler.getSessionHandler().setMaxInactiveInterval(sessionTimeout);
+ }
+
+ String sameSiteCookie = config.getString(Keys.WEB_SAME_SITE_COOKIE);
+ if (sameSiteCookie != null) {
+ SessionCookieConfig sessionCookieConfig = servletHandler.getServletContext().getSessionCookieConfig();
+ switch (sameSiteCookie.toLowerCase()) {
+ case "lax":
+ sessionCookieConfig.setComment(HttpCookie.SAME_SITE_LAX_COMMENT);
+ break;
+ case "strict":
+ sessionCookieConfig.setComment(HttpCookie.SAME_SITE_STRICT_COMMENT);
+ break;
+ case "none":
+ sessionCookieConfig.setSecure(true);
+ sessionCookieConfig.setComment(HttpCookie.SAME_SITE_NONE_COMMENT);
+ break;
+ default:
+ break;
+ }
+ }
+ }
+
public void start() {
try {
server.start();
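Review bot: In initSessionConfig, a configured SameSite value that is not exactly lax, strict or none falls into the empty `default:` branch, so the session cookie is issued with no SameSite attribute and nothing tells the operator that the hardening was not applied. Valid values can hit the same path under a Turkish or Azeri default locale, because `sameSiteCookie.toLowerCase()` is locale-sensitive and maps "STRICT" to a string that matches no case label. I would switch on `sameSiteCookie.trim().toLowerCase(Locale.ROOT)` and make the default branch fail loudly, e.g. `default: throw new IllegalArgumentException("Unsupported SameSite cookie value: " + sameSiteCookie);`, or log a warning through the class logger if startup must not abort. `java.util.Locale` would need an import if the file does not already have one.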