aboutsummaryrefslogtreecommitdiff
path: root/src/org
diff options
context:
space:
mode:
authorAnton Tananaev <anton.tananaev@gmail.com>2016-02-26 10:50:25 +1300
committerAnton Tananaev <anton.tananaev@gmail.com>2016-02-26 10:50:25 +1300
commit31da2dba43dfc4fa963f51ac1f249029a746319f (patch)
tree22a7de885f6c859d3f3a2784026131a53122e8d3 /src/org
parent967b513318d4778b7ae5023e48cb544e2e9579a3 (diff)
parentde5c65eb3854776840690a80cf8b3cf8aaf2c7b9 (diff)
downloadtrackermap-server-31da2dba43dfc4fa963f51ac1f249029a746319f.tar.gz
trackermap-server-31da2dba43dfc4fa963f51ac1f249029a746319f.tar.bz2
trackermap-server-31da2dba43dfc4fa963f51ac1f249029a746319f.zip
Merge pull request #1753 from 4nonym0us/patch-1
Check for empty origin value
Diffstat (limited to 'src/org')
-rw-r--r--src/org/traccar/web/BaseServlet.java2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/org/traccar/web/BaseServlet.java b/src/org/traccar/web/BaseServlet.java
index 8b022d556..17f4f19cd 100644
--- a/src/org/traccar/web/BaseServlet.java
+++ b/src/org/traccar/web/BaseServlet.java
@@ -53,7 +53,7 @@ public abstract class BaseServlet extends HttpServlet {
String origin = req.getHeader(HttpHeaders.Names.ORIGIN);
String allowed = Context.getConfig().getString("web.origin");
- if (allowed == null) {
+ if (allowed == null || origin == null) {
resp.setHeader(HttpHeaders.Names.ACCESS_CONTROL_ALLOW_ORIGIN, ALLOW_ORIGIN_VALUE);
} else if (allowed.contains(origin)) {
String originSafe = URLEncoder.encode(origin, StandardCharsets.UTF_8.name());