forked from apache/cloudstack
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathHttpUtils.java
More file actions
89 lines (80 loc) · 3.39 KB
/
HttpUtils.java
File metadata and controls
89 lines (80 loc) · 3.39 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
//
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
//
package com.cloud.utils;
import org.apache.log4j.Logger;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
public class HttpUtils {
public static final Logger s_logger = Logger.getLogger(HttpUtils.class);
public static final String UTF_8 = "UTF-8";
public static final String RESPONSE_TYPE_JSON = "json";
public static final String RESPONSE_TYPE_XML = "xml";
public static final String JSON_CONTENT_TYPE = "application/json; charset=UTF-8";
public static final String XML_CONTENT_TYPE = "text/xml; charset=UTF-8";
public static void addSecurityHeaders(final HttpServletResponse resp) {
if (resp.containsHeader("X-Content-Type-Options")) {
resp.setHeader("X-Content-Type-Options", "nosniff");
}
else {
resp.addHeader("X-Content-Type-Options", "nosniff");
}
if (resp.containsHeader("X-XSS-Protection")) {
resp.setHeader("X-XSS-Protection", "1;mode=block");
}
else {
resp.addHeader("X-XSS-Protection", "1;mode=block");
}
}
public static String findCookie(final Cookie[] cookies, final String key) {
for (Cookie cookie: cookies) {
if (cookie != null && cookie.getName().equals(key)) {
return cookie.getValue();
}
}
return null;
}
public static void writeHttpResponse(final HttpServletResponse resp, final String response,
final Integer responseCode, final String responseType, final String jsonContentType) {
try {
if (RESPONSE_TYPE_JSON.equalsIgnoreCase(responseType)) {
if (jsonContentType != null && !jsonContentType.isEmpty()) {
resp.setContentType(jsonContentType);
} else {
resp.setContentType(JSON_CONTENT_TYPE);
}
} else if (RESPONSE_TYPE_XML.equalsIgnoreCase(responseType)){
resp.setContentType(XML_CONTENT_TYPE);
}
if (responseCode != null) {
resp.setStatus(responseCode);
}
addSecurityHeaders(resp);
resp.getWriter().print(response);
} catch (final IOException ioex) {
if (s_logger.isTraceEnabled()) {
s_logger.trace("Exception writing http response: " + ioex);
}
} catch (final Exception ex) {
if (!(ex instanceof IllegalStateException)) {
s_logger.error("Unknown exception writing http response", ex);
}
}
}
}