aboutsummaryrefslogtreecommitdiff
path: root/src/org/traccar
diff options
context:
space:
mode:
authorAnton Tananaev <anton.tananaev@gmail.com>2016-04-23 11:10:47 +1200
committerAnton Tananaev <anton.tananaev@gmail.com>2016-04-23 11:10:47 +1200
commit32f5c3ce86ed63ec880c31f337821285be52a94f (patch)
tree44854a63420dd9c8758a51cff748251cbe0b36d9 /src/org/traccar
parent3e8cde2edeac00c07ded5298e313d63c4c8c5b6c (diff)
downloadtrackermap-server-32f5c3ce86ed63ec880c31f337821285be52a94f.tar.gz
trackermap-server-32f5c3ce86ed63ec880c31f337821285be52a94f.tar.bz2
trackermap-server-32f5c3ce86ed63ec880c31f337821285be52a94f.zip
Fix issues with CORS requests
Diffstat (limited to 'src/org/traccar')
-rw-r--r--src/org/traccar/api/BaseResource.java6
-rw-r--r--src/org/traccar/api/CorsResponseFilter.java4
-rw-r--r--src/org/traccar/api/SecurityRequestFilter.java5
3 files changed, 5 insertions, 10 deletions
diff --git a/src/org/traccar/api/BaseResource.java b/src/org/traccar/api/BaseResource.java
index ab891b832..4dafc084c 100644
--- a/src/org/traccar/api/BaseResource.java
+++ b/src/org/traccar/api/BaseResource.java
@@ -33,10 +33,4 @@ public class BaseResource {
return 0;
}
- @PermitAll
- @OPTIONS
- public Response options() {
- return Response.noContent().build();
- }
-
}
diff --git a/src/org/traccar/api/CorsResponseFilter.java b/src/org/traccar/api/CorsResponseFilter.java
index 349580e2f..67d312504 100644
--- a/src/org/traccar/api/CorsResponseFilter.java
+++ b/src/org/traccar/api/CorsResponseFilter.java
@@ -47,9 +47,9 @@ public class CorsResponseFilter implements ContainerResponseFilter {
String origin = request.getHeaderString(HttpHeaders.Names.ORIGIN);
String allowed = Context.getConfig().getString("web.origin");
- if (allowed == null || origin == null) {
+ if (origin == null) {
response.getHeaders().add(HttpHeaders.Names.ACCESS_CONTROL_ALLOW_ORIGIN, ORIGIN_ALL);
- } else if (allowed.equals(ORIGIN_ALL) || allowed.contains(origin)) {
+ } else if (allowed == null || allowed.equals(ORIGIN_ALL) || allowed.contains(origin)) {
response.getHeaders().add(HttpHeaders.Names.ACCESS_CONTROL_ALLOW_ORIGIN, origin);
}
}
diff --git a/src/org/traccar/api/SecurityRequestFilter.java b/src/org/traccar/api/SecurityRequestFilter.java
index 4c6137ede..0f0de2dec 100644
--- a/src/org/traccar/api/SecurityRequestFilter.java
+++ b/src/org/traccar/api/SecurityRequestFilter.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2015 Anton Tananaev (anton.tananaev@gmail.com)
+ * Copyright 2015 - 2016 Anton Tananaev (anton.tananaev@gmail.com)
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -57,7 +57,7 @@ public class SecurityRequestFilter implements ContainerRequestFilter {
public void filter(ContainerRequestContext requestContext) {
if (requestContext.getMethod().equals("OPTIONS")) {
- throw new WebApplicationException(Response.status(Response.Status.OK).build());
+ return;
}
SecurityContext securityContext = null;
@@ -93,6 +93,7 @@ public class SecurityRequestFilter implements ContainerRequestFilter {
Response.status(Response.Status.UNAUTHORIZED).header(WWW_AUTHENTICATE, BASIC_REALM).build());
}
}
+
}
}