diff options
Diffstat (limited to 'src/main/java/org/traccar/web')
-rw-r--r-- | src/main/java/org/traccar/web/ConsoleServlet.java | 8 | ||||
-rw-r--r-- | src/main/java/org/traccar/web/ModernDefaultServlet.java | 59 | ||||
-rw-r--r-- | src/main/java/org/traccar/web/OverrideFilter.java | 88 | ||||
-rw-r--r-- | src/main/java/org/traccar/web/ResponseWrapper.java | 83 | ||||
-rw-r--r-- | src/main/java/org/traccar/web/ThrottlingFilter.java | 17 | ||||
-rw-r--r-- | src/main/java/org/traccar/web/WebInjectionManagerFactory.java | 2 | ||||
-rw-r--r-- | src/main/java/org/traccar/web/WebModule.java | 3 | ||||
-rw-r--r-- | src/main/java/org/traccar/web/WebRequestLog.java | 57 | ||||
-rw-r--r-- | src/main/java/org/traccar/web/WebServer.java | 35 |
9 files changed, 316 insertions, 36 deletions
diff --git a/src/main/java/org/traccar/web/ConsoleServlet.java b/src/main/java/org/traccar/web/ConsoleServlet.java index 902a4f7a9..0012ba077 100644 --- a/src/main/java/org/traccar/web/ConsoleServlet.java +++ b/src/main/java/org/traccar/web/ConsoleServlet.java @@ -1,5 +1,5 @@ /* - * Copyright 2015 - 2022 Anton Tananaev (anton@traccar.org) + * Copyright 2015 - 2023 Anton Tananaev (anton@traccar.org) * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -16,7 +16,7 @@ package org.traccar.web; import org.h2.server.web.ConnectionInfo; -import org.h2.server.web.WebServlet; +import org.h2.server.web.JakartaWebServlet; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.traccar.config.Config; @@ -26,7 +26,7 @@ import java.lang.reflect.Field; import java.lang.reflect.InvocationTargetException; import java.lang.reflect.Method; -public class ConsoleServlet extends WebServlet { +public class ConsoleServlet extends JakartaWebServlet { private static final Logger LOGGER = LoggerFactory.getLogger(ConsoleServlet.class); @@ -41,7 +41,7 @@ public class ConsoleServlet extends WebServlet { super.init(); try { - Field field = WebServlet.class.getDeclaredField("server"); + Field field = JakartaWebServlet.class.getDeclaredField("server"); field.setAccessible(true); org.h2.server.web.WebServer server = (org.h2.server.web.WebServer) field.get(this); diff --git a/src/main/java/org/traccar/web/ModernDefaultServlet.java b/src/main/java/org/traccar/web/ModernDefaultServlet.java new file mode 100644 index 000000000..a7c8cdb29 --- /dev/null +++ b/src/main/java/org/traccar/web/ModernDefaultServlet.java @@ -0,0 +1,59 @@ +/* + * Copyright 2023 Anton Tananaev (anton@traccar.org) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.traccar.web; + +import org.eclipse.jetty.servlet.DefaultServlet; +import org.eclipse.jetty.util.resource.Resource; +import org.traccar.config.Config; +import org.traccar.config.Keys; + +import jakarta.inject.Inject; +import java.io.File; +import java.io.IOException; + +public class ModernDefaultServlet extends DefaultServlet { + + private Resource overrideResource; + + @Inject + public ModernDefaultServlet(Config config) { + String override = config.getString(Keys.WEB_OVERRIDE); + if (override != null) { + overrideResource = Resource.newResource(new File(override)); + } + } + + @Override + public Resource getResource(String pathInContext) { + if (overrideResource != null) { + try { + Resource override = overrideResource.addPath(pathInContext); + if (override.exists()) { + return override; + } + } catch (IOException e) { + throw new RuntimeException(e); + } + } + return super.getResource(pathInContext.indexOf('.') < 0 ? "/" : pathInContext); + } + + @Override + public String getWelcomeFile(String pathInContext) { + return super.getWelcomeFile("/"); + } + +} diff --git a/src/main/java/org/traccar/web/OverrideFilter.java b/src/main/java/org/traccar/web/OverrideFilter.java new file mode 100644 index 000000000..9780c9ede --- /dev/null +++ b/src/main/java/org/traccar/web/OverrideFilter.java @@ -0,0 +1,88 @@ +/* + * Copyright 2023 Anton Tananaev (anton@traccar.org) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.traccar.web; + +import com.google.inject.Provider; +import org.traccar.api.security.PermissionsService; +import org.traccar.model.Server; +import org.traccar.storage.StorageException; + +import jakarta.inject.Inject; +import jakarta.inject.Singleton; +import jakarta.servlet.Filter; +import jakarta.servlet.FilterChain; +import jakarta.servlet.ServletException; +import jakarta.servlet.ServletRequest; +import jakarta.servlet.ServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import java.io.IOException; + +@Singleton +public class OverrideFilter implements Filter { + + private final Provider<PermissionsService> permissionsServiceProvider; + + @Inject + public OverrideFilter(Provider<PermissionsService> permissionsServiceProvider) { + this.permissionsServiceProvider = permissionsServiceProvider; + } + + @Override + public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) + throws IOException, ServletException { + + if (((HttpServletRequest) request).getServletPath().startsWith("/api")) { + chain.doFilter(request, response); + return; + } + + ResponseWrapper wrappedResponse = new ResponseWrapper((HttpServletResponse) response); + + chain.doFilter(request, wrappedResponse); + + byte[] bytes = wrappedResponse.getCapture(); + if (bytes != null) { + if (wrappedResponse.getContentType() != null && wrappedResponse.getContentType().contains("text/html") + || ((HttpServletRequest) request).getPathInfo().endsWith("manifest.webmanifest")) { + + Server server; + try { + server = permissionsServiceProvider.get().getServer(); + } catch (StorageException e) { + throw new RuntimeException(e); + } + + String title = server.getString("title", "Traccar"); + String description = server.getString("description", "Traccar GPS Tracking System"); + String colorPrimary = server.getString("colorPrimary", "#1a237e"); + + String alteredContent = new String(wrappedResponse.getCapture()) + .replace("${title}", title) + .replace("${description}", description) + .replace("${colorPrimary}", colorPrimary); + + byte[] data = alteredContent.getBytes(); + response.setContentLength(data.length); + response.getOutputStream().write(data); + + } else { + response.getOutputStream().write(bytes); + } + } + } + +} diff --git a/src/main/java/org/traccar/web/ResponseWrapper.java b/src/main/java/org/traccar/web/ResponseWrapper.java new file mode 100644 index 000000000..a0eaf6788 --- /dev/null +++ b/src/main/java/org/traccar/web/ResponseWrapper.java @@ -0,0 +1,83 @@ +/* + * Copyright 2023 Anton Tananaev (anton@traccar.org) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.traccar.web; + +import jakarta.servlet.ServletOutputStream; +import jakarta.servlet.WriteListener; +import jakarta.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletResponseWrapper; +import java.io.ByteArrayOutputStream; +import java.io.IOException; + +public class ResponseWrapper extends HttpServletResponseWrapper { + + private final ByteArrayOutputStream capture; + private ServletOutputStream output; + + public ResponseWrapper(HttpServletResponse response) { + super(response); + capture = new ByteArrayOutputStream(response.getBufferSize()); + } + + @Override + public ServletOutputStream getOutputStream() { + if (output == null) { + output = new ServletOutputStream() { + @Override + public boolean isReady() { + return true; + } + + @Override + public void setWriteListener(WriteListener writeListener) { + } + + @Override + public void write(int b) { + capture.write(b); + } + + @Override + public void flush() throws IOException { + capture.flush(); + } + + @Override + public void close() throws IOException { + capture.close(); + } + }; + } + return output; + } + + @Override + public void flushBuffer() throws IOException { + super.flushBuffer(); + if (output != null) { + output.flush(); + } + } + + public byte[] getCapture() throws IOException { + if (output != null) { + output.close(); + return capture.toByteArray(); + } + return null; + } + +} diff --git a/src/main/java/org/traccar/web/ThrottlingFilter.java b/src/main/java/org/traccar/web/ThrottlingFilter.java index 054af652f..1bad33db6 100644 --- a/src/main/java/org/traccar/web/ThrottlingFilter.java +++ b/src/main/java/org/traccar/web/ThrottlingFilter.java @@ -1,5 +1,5 @@ /* - * Copyright 2022 Anton Tananaev (anton@traccar.org) + * Copyright 2022 - 2023 Anton Tananaev (anton@traccar.org) * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -19,13 +19,13 @@ import org.eclipse.jetty.servlets.DoSFilter; import org.traccar.config.Config; import org.traccar.config.Keys; -import javax.inject.Inject; -import javax.inject.Singleton; -import javax.servlet.FilterConfig; -import javax.servlet.ServletException; -import javax.servlet.ServletRequest; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpSession; +import jakarta.inject.Inject; +import jakarta.inject.Singleton; +import jakarta.servlet.FilterConfig; +import jakarta.servlet.ServletException; +import jakarta.servlet.ServletRequest; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpSession; @Singleton public class ThrottlingFilter extends DoSFilter { @@ -39,6 +39,7 @@ public class ThrottlingFilter extends DoSFilter { if (config.hasKey(Keys.WEB_MAX_REQUESTS_PER_SECOND)) { setMaxRequestsPerSec(config.getInteger(Keys.WEB_MAX_REQUESTS_PER_SECOND)); } + setMaxRequestMs(config.getInteger(Keys.WEB_MAX_REQUEST_SECONDS) * 1000L); } @Override diff --git a/src/main/java/org/traccar/web/WebInjectionManagerFactory.java b/src/main/java/org/traccar/web/WebInjectionManagerFactory.java index 14d9d3dbc..3e73c41ad 100644 --- a/src/main/java/org/traccar/web/WebInjectionManagerFactory.java +++ b/src/main/java/org/traccar/web/WebInjectionManagerFactory.java @@ -23,7 +23,7 @@ import org.jvnet.hk2.guice.bridge.api.GuiceBridge; import org.jvnet.hk2.guice.bridge.api.GuiceIntoHK2Bridge; import org.traccar.Main; -import javax.annotation.Priority; +import jakarta.annotation.Priority; @Priority(20) public class WebInjectionManagerFactory implements InjectionManagerFactory { diff --git a/src/main/java/org/traccar/web/WebModule.java b/src/main/java/org/traccar/web/WebModule.java index 0722c5d1e..a32a6f447 100644 --- a/src/main/java/org/traccar/web/WebModule.java +++ b/src/main/java/org/traccar/web/WebModule.java @@ -1,5 +1,5 @@ /* - * Copyright 2022 Anton Tananaev (anton@traccar.org) + * Copyright 2022 - 2023 Anton Tananaev (anton@traccar.org) * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -23,6 +23,7 @@ public class WebModule extends ServletModule { @Override protected void configureServlets() { + filter("/*").through(OverrideFilter.class); filter("/api/*").through(ThrottlingFilter.class); filter("/api/media/*").through(MediaFilter.class); serve("/api/socket").with(AsyncSocketServlet.class); diff --git a/src/main/java/org/traccar/web/WebRequestLog.java b/src/main/java/org/traccar/web/WebRequestLog.java new file mode 100644 index 000000000..3f3286003 --- /dev/null +++ b/src/main/java/org/traccar/web/WebRequestLog.java @@ -0,0 +1,57 @@ +/* + * Copyright 2023 Anton Tananaev (anton@traccar.org) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.traccar.web; + +import org.eclipse.jetty.server.Request; +import org.eclipse.jetty.server.RequestLog; +import org.eclipse.jetty.server.Response; +import org.eclipse.jetty.util.DateCache; +import org.eclipse.jetty.util.component.ContainerLifeCycle; +import org.traccar.api.resource.SessionResource; + +import java.util.Locale; +import java.util.TimeZone; + +public class WebRequestLog extends ContainerLifeCycle implements RequestLog { + + private final Writer writer; + + private final DateCache dateCache = new DateCache( + "dd/MMM/yyyy:HH:mm:ss ZZZ", Locale.getDefault(), TimeZone.getTimeZone("GMT")); + + public WebRequestLog(Writer writer) { + this.writer = writer; + addBean(writer); + } + + @Override + public void log(Request request, Response response) { + try { + Long userId = (Long) request.getSession().getAttribute(SessionResource.USER_ID_KEY); + writer.write(String.format("%s - %s [%s] \"%s %s %s\" %d %d", + request.getRemoteHost(), + userId != null ? String.valueOf(userId) : "-", + dateCache.format(request.getTimeStamp()), + request.getMethod(), + request.getOriginalURI(), + request.getProtocol(), + response.getCommittedMetaData().getStatus(), + response.getHttpChannel().getBytesWritten())); + } catch (Throwable ignored) { + } + } + +} diff --git a/src/main/java/org/traccar/web/WebServer.java b/src/main/java/org/traccar/web/WebServer.java index 79d19cc9b..4759942b1 100644 --- a/src/main/java/org/traccar/web/WebServer.java +++ b/src/main/java/org/traccar/web/WebServer.java @@ -1,5 +1,5 @@ /* - * Copyright 2012 - 2022 Anton Tananaev (anton@traccar.org) + * Copyright 2012 - 2023 Anton Tananaev (anton@traccar.org) * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -21,7 +21,6 @@ import org.eclipse.jetty.http.HttpCookie; import org.eclipse.jetty.http.HttpMethod; import org.eclipse.jetty.http.HttpStatus; import org.eclipse.jetty.proxy.AsyncProxyServlet; -import org.eclipse.jetty.server.CustomRequestLog; import org.eclipse.jetty.server.Request; import org.eclipse.jetty.server.RequestLogWriter; import org.eclipse.jetty.server.Server; @@ -52,19 +51,16 @@ import org.traccar.config.Config; import org.traccar.config.Keys; import org.traccar.helper.ObjectMapperContextResolver; -import javax.servlet.DispatcherType; -import javax.servlet.ServletException; -import javax.servlet.SessionCookieConfig; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.DispatcherType; +import jakarta.servlet.ServletException; +import jakarta.servlet.SessionCookieConfig; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import javax.sql.DataSource; import java.io.File; import java.io.IOException; import java.io.Writer; import java.net.InetSocketAddress; -import java.nio.file.Files; -import java.nio.file.Path; -import java.nio.file.Paths; import java.util.EnumSet; public class WebServer implements LifecycleObject { @@ -103,14 +99,8 @@ public class WebServer implements LifecycleObject { @Override protected void handleErrorPage( HttpServletRequest request, Writer writer, int code, String message) throws IOException { - Path index = Paths.get(config.getString(Keys.WEB_PATH), "index.html"); - if (code == HttpStatus.NOT_FOUND_404 - && !request.getPathInfo().startsWith("/api/") && Files.exists(index)) { - writer.write(Files.readString(index)); - } else { - writer.write("<!DOCTYPE><html><head><title>Error</title></head><html><body>" - + code + " - " + HttpStatus.getMessage(code) + "</body></html>"); - } + writer.write("<!DOCTYPE><html><head><title>Error</title></head><html><body>" + + code + " - " + HttpStatus.getMessage(code) + "</body></html>"); } }); @@ -124,8 +114,7 @@ public class WebServer implements LifecycleObject { RequestLogWriter logWriter = new RequestLogWriter(config.getString(Keys.WEB_REQUEST_LOG_PATH)); logWriter.setAppend(true); logWriter.setRetainDays(config.getInteger(Keys.WEB_REQUEST_LOG_RETAIN_DAYS)); - CustomRequestLog requestLog = new CustomRequestLog(logWriter, CustomRequestLog.NCSA_FORMAT); - server.setRequestLog(requestLog); + server.setRequestLog(new WebRequestLog(logWriter)); } } @@ -150,7 +139,7 @@ public class WebServer implements LifecycleObject { } private void initWebApp(ServletContextHandler servletHandler) { - ServletHolder servletHolder = new ServletHolder(DefaultServlet.class); + ServletHolder servletHolder = new ServletHolder(new ModernDefaultServlet(config)); servletHolder.setInitParameter("resourceBase", new File(config.getString(Keys.WEB_PATH)).getAbsolutePath()); servletHolder.setInitParameter("dirAllowed", "false"); if (config.getBoolean(Keys.WEB_DEBUG)) { @@ -202,14 +191,16 @@ public class WebServer implements LifecycleObject { sessionHandler.setSessionCache(sessionCache); } + SessionCookieConfig sessionCookieConfig = servletHandler.getServletContext().getSessionCookieConfig(); + int sessionTimeout = config.getInteger(Keys.WEB_SESSION_TIMEOUT); if (sessionTimeout > 0) { servletHandler.getSessionHandler().setMaxInactiveInterval(sessionTimeout); + sessionCookieConfig.setMaxAge(sessionTimeout); } String sameSiteCookie = config.getString(Keys.WEB_SAME_SITE_COOKIE); if (sameSiteCookie != null) { - SessionCookieConfig sessionCookieConfig = servletHandler.getServletContext().getSessionCookieConfig(); switch (sameSiteCookie.toLowerCase()) { case "lax": sessionCookieConfig.setComment(HttpCookie.SAME_SITE_LAX_COMMENT); |