diff options
author | Anton Tananaev <anton.tananaev@gmail.com> | 2016-04-23 11:10:47 +1200 |
---|---|---|
committer | Anton Tananaev <anton.tananaev@gmail.com> | 2016-04-23 11:10:47 +1200 |
commit | 32f5c3ce86ed63ec880c31f337821285be52a94f (patch) | |
tree | 44854a63420dd9c8758a51cff748251cbe0b36d9 | |
parent | 3e8cde2edeac00c07ded5298e313d63c4c8c5b6c (diff) | |
download | trackermap-server-32f5c3ce86ed63ec880c31f337821285be52a94f.tar.gz trackermap-server-32f5c3ce86ed63ec880c31f337821285be52a94f.tar.bz2 trackermap-server-32f5c3ce86ed63ec880c31f337821285be52a94f.zip |
Fix issues with CORS requests
-rw-r--r-- | src/org/traccar/api/BaseResource.java | 6 | ||||
-rw-r--r-- | src/org/traccar/api/CorsResponseFilter.java | 4 | ||||
-rw-r--r-- | src/org/traccar/api/SecurityRequestFilter.java | 5 |
3 files changed, 5 insertions, 10 deletions
diff --git a/src/org/traccar/api/BaseResource.java b/src/org/traccar/api/BaseResource.java index ab891b832..4dafc084c 100644 --- a/src/org/traccar/api/BaseResource.java +++ b/src/org/traccar/api/BaseResource.java @@ -33,10 +33,4 @@ public class BaseResource { return 0; } - @PermitAll - @OPTIONS - public Response options() { - return Response.noContent().build(); - } - } diff --git a/src/org/traccar/api/CorsResponseFilter.java b/src/org/traccar/api/CorsResponseFilter.java index 349580e2f..67d312504 100644 --- a/src/org/traccar/api/CorsResponseFilter.java +++ b/src/org/traccar/api/CorsResponseFilter.java @@ -47,9 +47,9 @@ public class CorsResponseFilter implements ContainerResponseFilter { String origin = request.getHeaderString(HttpHeaders.Names.ORIGIN); String allowed = Context.getConfig().getString("web.origin"); - if (allowed == null || origin == null) { + if (origin == null) { response.getHeaders().add(HttpHeaders.Names.ACCESS_CONTROL_ALLOW_ORIGIN, ORIGIN_ALL); - } else if (allowed.equals(ORIGIN_ALL) || allowed.contains(origin)) { + } else if (allowed == null || allowed.equals(ORIGIN_ALL) || allowed.contains(origin)) { response.getHeaders().add(HttpHeaders.Names.ACCESS_CONTROL_ALLOW_ORIGIN, origin); } } diff --git a/src/org/traccar/api/SecurityRequestFilter.java b/src/org/traccar/api/SecurityRequestFilter.java index 4c6137ede..0f0de2dec 100644 --- a/src/org/traccar/api/SecurityRequestFilter.java +++ b/src/org/traccar/api/SecurityRequestFilter.java @@ -1,5 +1,5 @@ /* - * Copyright 2015 Anton Tananaev (anton.tananaev@gmail.com) + * Copyright 2015 - 2016 Anton Tananaev (anton.tananaev@gmail.com) * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -57,7 +57,7 @@ public class SecurityRequestFilter implements ContainerRequestFilter { public void filter(ContainerRequestContext requestContext) { if (requestContext.getMethod().equals("OPTIONS")) { - throw new WebApplicationException(Response.status(Response.Status.OK).build()); + return; } SecurityContext securityContext = null; @@ -93,6 +93,7 @@ public class SecurityRequestFilter implements ContainerRequestFilter { Response.status(Response.Status.UNAUTHORIZED).header(WWW_AUTHENTICATE, BASIC_REALM).build()); } } + } } |