diff options
author | Anton Tananaev <anton.tananaev@gmail.com> | 2016-02-26 10:50:25 +1300 |
---|---|---|
committer | Anton Tananaev <anton.tananaev@gmail.com> | 2016-02-26 10:50:25 +1300 |
commit | 31da2dba43dfc4fa963f51ac1f249029a746319f (patch) | |
tree | 22a7de885f6c859d3f3a2784026131a53122e8d3 /src/org/traccar/web/BaseServlet.java | |
parent | 967b513318d4778b7ae5023e48cb544e2e9579a3 (diff) | |
parent | de5c65eb3854776840690a80cf8b3cf8aaf2c7b9 (diff) | |
download | trackermap-server-31da2dba43dfc4fa963f51ac1f249029a746319f.tar.gz trackermap-server-31da2dba43dfc4fa963f51ac1f249029a746319f.tar.bz2 trackermap-server-31da2dba43dfc4fa963f51ac1f249029a746319f.zip |
Merge pull request #1753 from 4nonym0us/patch-1
Check for empty origin value
Diffstat (limited to 'src/org/traccar/web/BaseServlet.java')
-rw-r--r-- | src/org/traccar/web/BaseServlet.java | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/org/traccar/web/BaseServlet.java b/src/org/traccar/web/BaseServlet.java index 8b022d556..17f4f19cd 100644 --- a/src/org/traccar/web/BaseServlet.java +++ b/src/org/traccar/web/BaseServlet.java @@ -53,7 +53,7 @@ public abstract class BaseServlet extends HttpServlet { String origin = req.getHeader(HttpHeaders.Names.ORIGIN); String allowed = Context.getConfig().getString("web.origin"); - if (allowed == null) { + if (allowed == null || origin == null) { resp.setHeader(HttpHeaders.Names.ACCESS_CONTROL_ALLOW_ORIGIN, ALLOW_ORIGIN_VALUE); } else if (allowed.contains(origin)) { String originSafe = URLEncoder.encode(origin, StandardCharsets.UTF_8.name()); |