diff options
| author | Anton Tananaev <anton.tananaev@gmail.com> | 2016-02-26 10:50:53 +1300 |
|---|---|---|
| committer | Anton Tananaev <anton.tananaev@gmail.com> | 2016-02-26 10:50:53 +1300 |
| commit | 26fffb39efe9ce55cfaeccb724551e0c0a579697 (patch) | |
| tree | 541f91ff2cccf437e66443e74444381fee4dc26a /src | |
| parent | 31da2dba43dfc4fa963f51ac1f249029a746319f (diff) | |
| parent | 8b17694d807799c1311fd32e38925f9f5fd0c5a1 (diff) | |
| download | trackermap-server-26fffb39efe9ce55cfaeccb724551e0c0a579697.tar.gz trackermap-server-26fffb39efe9ce55cfaeccb724551e0c0a579697.tar.bz2 trackermap-server-26fffb39efe9ce55cfaeccb724551e0c0a579697.zip | |
Merge pull request #1752 from 4nonym0us/patch-2
Check for empty origin value
Diffstat (limited to 'src')
| -rw-r--r-- | src/org/traccar/api/CorsResponseFilter.java | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/org/traccar/api/CorsResponseFilter.java b/src/org/traccar/api/CorsResponseFilter.java index 001f6ab4c..5e1ff0852 100644 --- a/src/org/traccar/api/CorsResponseFilter.java +++ b/src/org/traccar/api/CorsResponseFilter.java @@ -54,7 +54,7 @@ public class CorsResponseFilter implements ContainerResponseFilter { if (!response.getHeaders().containsKey(ACCESS_CONTROL_ALLOW_ORIGIN_KEY)) { String origin = request.getHeaderString(HttpHeaders.Names.ORIGIN); String allowed = Context.getConfig().getString("web.origin"); - if (allowed == null) { + if (allowed == null || origin == null) { response.getHeaders().add(ACCESS_CONTROL_ALLOW_ORIGIN_KEY, ACCESS_CONTROL_ALLOW_ORIGIN_VALUE); } else if (allowed.contains(origin)) { String originSafe = URLEncoder.encode(origin, StandardCharsets.UTF_8.name()); |