aboutsummaryrefslogtreecommitdiff
path: root/src/main/java/org/traccar/api/CorsResponseFilter.java
diff options
context:
space:
mode:
Diffstat (limited to 'src/main/java/org/traccar/api/CorsResponseFilter.java')
-rw-r--r--src/main/java/org/traccar/api/CorsResponseFilter.java14
1 files changed, 10 insertions, 4 deletions
diff --git a/src/main/java/org/traccar/api/CorsResponseFilter.java b/src/main/java/org/traccar/api/CorsResponseFilter.java
index 91aea5718..5375e207f 100644
--- a/src/main/java/org/traccar/api/CorsResponseFilter.java
+++ b/src/main/java/org/traccar/api/CorsResponseFilter.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2015 - 2018 Anton Tananaev (anton@traccar.org)
+ * Copyright 2015 - 2022 Anton Tananaev (anton@traccar.org)
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -16,9 +16,10 @@
package org.traccar.api;
import io.netty.handler.codec.http.HttpHeaderNames;
-import org.traccar.Context;
+import org.traccar.config.Config;
import org.traccar.config.Keys;
+import javax.inject.Inject;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerResponseContext;
import javax.ws.rs.container.ContainerResponseFilter;
@@ -26,6 +27,13 @@ import java.io.IOException;
public class CorsResponseFilter implements ContainerResponseFilter {
+ private final String allowed;
+
+ @Inject
+ public CorsResponseFilter(Config config) {
+ allowed = config.getString(Keys.WEB_ORIGIN);
+ }
+
private static final String ORIGIN_ALL = "*";
private static final String HEADERS_ALL = "origin, content-type, accept, authorization";
private static final String METHODS_ALL = "GET, POST, PUT, DELETE, OPTIONS";
@@ -46,8 +54,6 @@ public class CorsResponseFilter implements ContainerResponseFilter {
if (!response.getHeaders().containsKey(HttpHeaderNames.ACCESS_CONTROL_ALLOW_ORIGIN.toString())) {
String origin = request.getHeaderString(HttpHeaderNames.ORIGIN.toString());
- String allowed = Context.getConfig().getString(Keys.WEB_ORIGIN);
-
if (origin == null) {
response.getHeaders().add(HttpHeaderNames.ACCESS_CONTROL_ALLOW_ORIGIN.toString(), ORIGIN_ALL);
} else if (allowed == null || allowed.equals(ORIGIN_ALL) || allowed.contains(origin)) {
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-05 13:17:11 +0000