Fix issues with CORS requests

author: Anton Tananaev <anton.tananaev@gmail.com> 2016-04-23 11:10:47 +1200
committer: Anton Tananaev <anton.tananaev@gmail.com> 2016-04-23 11:10:47 +1200
commit: 32f5c3ce86ed63ec880c31f337821285be52a94f (patch)
tree: 44854a63420dd9c8758a51cff748251cbe0b36d9 /src
parent: 3e8cde2edeac00c07ded5298e313d63c4c8c5b6c (diff)
download: trackermap-server-32f5c3ce86ed63ec880c31f337821285be52a94f.tar.gz
trackermap-server-32f5c3ce86ed63ec880c31f337821285be52a94f.tar.bz2
trackermap-server-32f5c3ce86ed63ec880c31f337821285be52a94f.zip
3 files changed, 5 insertions, 10 deletions
diff --git a/src/org/traccar/api/BaseResource.java b/src/org/traccar/api/BaseResource.java
index ab891b832..4dafc084c 100644
--- a/src/org/traccar/api/BaseResource.java
+++ b/src/org/traccar/api/BaseResource.java
@@ -33,10 +33,4 @@ public class BaseResource {
         return 0;
     }
 
-    @PermitAll
-    @OPTIONS
-    public Response options() {
-        return Response.noContent().build();
-    }
-
 }
diff --git a/src/org/traccar/api/CorsResponseFilter.java b/src/org/traccar/api/CorsResponseFilter.java
index 349580e2f..67d312504 100644
--- a/src/org/traccar/api/CorsResponseFilter.java
+++ b/src/org/traccar/api/CorsResponseFilter.java
@@ -47,9 +47,9 @@ public class CorsResponseFilter implements ContainerResponseFilter {
             String origin = request.getHeaderString(HttpHeaders.Names.ORIGIN);
             String allowed = Context.getConfig().getString("web.origin");
 
-            if (allowed == null || origin == null) {
+            if (origin == null) {
                 response.getHeaders().add(HttpHeaders.Names.ACCESS_CONTROL_ALLOW_ORIGIN, ORIGIN_ALL);
-            } else if (allowed.equals(ORIGIN_ALL) || allowed.contains(origin)) {
+            } else if (allowed == null || allowed.equals(ORIGIN_ALL) || allowed.contains(origin)) {
                 response.getHeaders().add(HttpHeaders.Names.ACCESS_CONTROL_ALLOW_ORIGIN, origin);
             }
         }
diff --git a/src/org/traccar/api/SecurityRequestFilter.java b/src/org/traccar/api/SecurityRequestFilter.java
index 4c6137ede..0f0de2dec 100644
--- a/src/org/traccar/api/SecurityRequestFilter.java
+++ b/src/org/traccar/api/SecurityRequestFilter.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2015 Anton Tananaev (anton.tananaev@gmail.com)
+ * Copyright 2015 - 2016 Anton Tananaev (anton.tananaev@gmail.com)
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -57,7 +57,7 @@ public class SecurityRequestFilter implements ContainerRequestFilter {
     public void filter(ContainerRequestContext requestContext) {
 
         if (requestContext.getMethod().equals("OPTIONS")) {
-            throw new WebApplicationException(Response.status(Response.Status.OK).build());
+            return;
         }
 
         SecurityContext securityContext = null;
@@ -93,6 +93,7 @@ public class SecurityRequestFilter implements ContainerRequestFilter {
                         Response.status(Response.Status.UNAUTHORIZED).header(WWW_AUTHENTICATE, BASIC_REALM).build());
             }
         }
+
     }
 
 }
author	Anton Tananaev <anton.tananaev@gmail.com>	2016-04-23 11:10:47 +1200
committer	Anton Tananaev <anton.tananaev@gmail.com>	2016-04-23 11:10:47 +1200
commit	32f5c3ce86ed63ec880c31f337821285be52a94f (patch)
tree	44854a63420dd9c8758a51cff748251cbe0b36d9 /src
parent	3e8cde2edeac00c07ded5298e313d63c4c8c5b6c (diff)
download	trackermap-server-32f5c3ce86ed63ec880c31f337821285be52a94f.tar.gz trackermap-server-32f5c3ce86ed63ec880c31f337821285be52a94f.tar.bz2 trackermap-server-32f5c3ce86ed63ec880c31f337821285be52a94f.zip