Java Code Examples for javax.ws.rs.container.ContainerResponseContext#getHeaders()

The following examples show how to use javax.ws.rs.container.ContainerResponseContext#getHeaders() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: DefaultSecurityHeadersProvider.java    From keycloak with Apache License 2.0 6 votes vote down vote up
@Override
public void addHeaders(ContainerRequestContext requestContext, ContainerResponseContext responseContext) {
    if (options != null && options.isSkipHeaders()) {
        return;
    }

    MediaType requestType = requestContext.getMediaType();
    MediaType responseType = responseContext.getMediaType();
    MultivaluedMap<String, Object> headers = responseContext.getHeaders();

    if (responseType == null && !isEmptyMediaTypeAllowed(requestContext, responseContext)) {
        LOGGER.errorv("MediaType not set on path {0}, with response status {1}", session.getContext().getUri().getRequestUri().getPath(), responseContext.getStatus());
        throw new InternalServerErrorException();
    }

    if (isRest(requestType, responseType)) {
        addRestHeaders(headers);
    } else if (isHtml(requestType, responseType)) {
        addHtmlHeaders(headers);
    } else {
        addGenericHeaders(headers);
    }
}
 
Example 2
Source File: CsrfProtectFilter.java    From krazo with Apache License 2.0 5 votes vote down vote up
/**
 * Inject CSRF header if enabled in the application.
 *
 * @param requestContext the request context.
 * @param responseContext the response context.
 * @throws IOException if a problem occurs writing a response.
 */
@Override
public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext)
        throws IOException {
    if (isCsrfEnabled()) {
        final CsrfToken token = csrfTokenManager.getOrCreateToken();
        final MultivaluedMap<String, Object> headers = responseContext.getHeaders();
        if (!headers.containsKey(token.getHeaderName())) {
            headers.putSingle(token.getHeaderName(), token.getValue());
        }
    }
}
 
Example 3
Source File: CORSResponseFilter.java    From demo-restWS-spring-jersey-tomcat-mybatis with MIT License 5 votes vote down vote up
public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext)
		throws IOException {

	MultivaluedMap<String, Object> headers = responseContext.getHeaders();

	headers.add("Access-Control-Allow-Origin", "*");
	//headers.add("Access-Control-Allow-Origin", "http://podcastpedia.org"); //allows CORS requests only coming from podcastpedia.org		
	headers.add("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT");			
	headers.add("Access-Control-Allow-Headers", "X-Requested-With, Content-Type, X-Codingpedia");
}
 
Example 4
Source File: CacheControlFilter.java    From hawkular-metrics with Apache License 2.0 5 votes vote down vote up
@Override
public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext)
        throws IOException {

    if (cacheControl != null) {
        MultivaluedMap<String, Object> responseHeaders = responseContext.getHeaders();
        responseHeaders.add("Cache-Control", cacheControl);
        responseHeaders.add("Vary", "Origin,Accept-Encoding");
    }
}
 
Example 5
Source File: CORSResponseFilter.java    From demo-rest-jersey-spring with MIT License 5 votes vote down vote up
public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext)
		throws IOException {

	MultivaluedMap<String, Object> headers = responseContext.getHeaders();
	
	headers.add("Access-Control-Allow-Origin", "*");
	//headers.add("Access-Control-Allow-Origin", "http://podcastpedia.org"); //allows CORS requests only coming from podcastpedia.org		
	headers.add("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT");			
	headers.add("Access-Control-Allow-Headers", "X-Requested-With, Content-Type, X-Codingpedia");
}
 
Example 6
Source File: CsrfProtectFilter.java    From ozark with Apache License 2.0 5 votes vote down vote up
/**
 * Inject CSRF header if enabled in the application.
 *
 * @param requestContext the request context.
 * @param responseContext the response context.
 * @throws IOException if a problem occurs writing a response.
 */
@Override
public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext)
        throws IOException {
    if (isCsrfEnabled()) {
        final CsrfToken token = csrfTokenManager.getOrCreateToken();
        final MultivaluedMap<String, Object> headers = responseContext.getHeaders();
        if (!headers.containsKey(token.getHeaderName())) {
            headers.putSingle(token.getHeaderName(), token.getValue());
        }
    }
}
 
Example 7
Source File: WebSecurityFilter.java    From notification with Apache License 2.0 5 votes vote down vote up
@Override
public void filter(ContainerRequestContext request, ContainerResponseContext response)
    throws IOException {

  final MultivaluedMap<String, Object> headers = response.getHeaders();

  headers.putSingle(HttpHeaders.X_CONTENT_TYPE_OPTIONS, "nosniff");
  headers.putSingle(HttpHeaders.X_FRAME_OPTIONS, "deny");
  headers.putSingle(HttpHeaders.X_XSS_PROTECTION, "1; mode=block");
}
 
Example 8
Source File: ApiOriginFilter.java    From cxf with Apache License 2.0 5 votes vote down vote up
@Override
public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext)
    throws IOException {
    MultivaluedMap<String, Object> headers = responseContext.getHeaders();
    headers.add("Access-Control-Allow-Origin", "*");
    headers.add("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT");
    headers.add("Access-Control-Allow-Headers", "Content-Type");
}
 
Example 9
Source File: CharsetResponseFilter.java    From hermes with Apache License 2.0 5 votes vote down vote up
@Override
public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext)
      throws IOException {
	MultivaluedMap<String, Object> headers = responseContext.getHeaders();
	MediaType type = responseContext.getMediaType();
	if (type != null) {
		if (!type.getParameters().containsKey(MediaType.CHARSET_PARAMETER)) {
			MediaType typeWithCharset = type.withCharset("utf-8");
			headers.putSingle("Content-Type", typeWithCharset);
		}
	}
}
 
Example 10
Source File: NoCacheFilter.java    From brooklyn-server with Apache License 2.0 5 votes vote down vote up
@Override
public void filter(ContainerRequestContext request, ContainerResponseContext response) {
    //https://developer.mozilla.org/en-US/docs/Web/HTTP/Caching_FAQ
    MultivaluedMap<String, Object> headers = response.getHeaders();
    headers.putSingle(HttpHeaders.CACHE_CONTROL, "no-cache, no-store");
    headers.putSingle("Pragma", "no-cache");
    headers.putSingle(HttpHeaders.EXPIRES, "0");
}
 
Example 11
Source File: CORSResponseFilter.java    From clouditor with Apache License 2.0 5 votes vote down vote up
@Override
public void filter(
    ContainerRequestContext requestContext, ContainerResponseContext responseContext) {

  MultivaluedMap<String, Object> headers = responseContext.getHeaders();

  // allow AJAX from everywhere
  headers.add("Access-Control-Allow-Origin", component.getAPIAllowedOrigin());
  headers.add("Access-Control-Allow-Methods", "GET,PUT,POST,DELETE");
  headers.add("Access-Control-Allow-Headers", "Authorization,Content-Type");
}
 
Example 12
Source File: CorsFilter.java    From Java-EE-8-and-Angular with MIT License 5 votes vote down vote up
@Override
public void filter(ContainerRequestContext requestContext,
        ContainerResponseContext responseContext)
        throws IOException {
    MultivaluedMap<String, Object> headers = responseContext.getHeaders();
    headers.add("Access-Control-Allow-Origin", "*");
    headers.add("Access-Control-Allow-Credentials", "true");
    headers.add("Access-Control-Allow-Headers", "Cache-Control, Origin, X-Requested-With, Content-Type, Accept, Authorization");
    headers.add("Access-Control-Allow-Methods", "HEAD, OPTIONS, GET, POST, DELETE, PUT");
}
 
Example 13
Source File: CORSFilter.java    From flux with Apache License 2.0 5 votes vote down vote up
public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext)
        throws IOException {

    MultivaluedMap<String, Object> headers = responseContext.getHeaders();
    headers.add("Access-Control-Allow-Origin", "*");
    headers.add("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT, HEAD");
    headers.add("Access-Control-Allow-Headers", "X-Requested-With, Content-Type, Accept, Origin");
}
 
Example 14
Source File: CORSResponseFilter.java    From demo-restWS-spring-jersey-tomcat-mybatis with MIT License 5 votes vote down vote up
public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext)
		throws IOException {

	MultivaluedMap<String, Object> headers = responseContext.getHeaders();

	headers.add("Access-Control-Allow-Origin", "*");
	//headers.add("Access-Control-Allow-Origin", "http://podcastpedia.org"); //allows CORS requests only coming from podcastpedia.org		
	headers.add("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT");			
	headers.add("Access-Control-Allow-Headers", "X-Requested-With, Content-Type, X-Codingpedia");
}
 
Example 15
Source File: ApiOriginFilter.java    From cxf with Apache License 2.0 5 votes vote down vote up
@Override
public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext)
    throws IOException {
    MultivaluedMap<String, Object> headers = responseContext.getHeaders();
    headers.add("Access-Control-Allow-Origin", "*");
    headers.add("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT");
    headers.add("Access-Control-Allow-Headers", "Content-Type");
}
 
Example 16
Source File: BraveProvider.java    From cxf with Apache License 2.0 5 votes vote down vote up
@SuppressWarnings("unchecked")
@Override
public void filter(final ContainerRequestContext requestContext,
        final ContainerResponseContext responseContext) throws IOException {
    super.stopTraceSpan(requestContext.getHeaders(), responseContext.getHeaders(),
        responseContext.getStatus(), (TraceScopeHolder<TraceScope>)requestContext.getProperty(TRACE_SPAN));
}
 
Example 17
Source File: ApiOriginFilter.java    From cxf with Apache License 2.0 5 votes vote down vote up
@Override
public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext)
    throws IOException {
    MultivaluedMap<String, Object> headers = responseContext.getHeaders();
    headers.add("Access-Control-Allow-Origin", "*");
    headers.add("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT");
    headers.add("Access-Control-Allow-Headers", "Content-Type");
}
 
Example 18
Source File: CrossOriginResourceFilter.java    From generator-jvm with MIT License 5 votes vote down vote up
@Override
public void filter(final ContainerRequestContext request, final ContainerResponseContext response) {
  final MultivaluedMap<String, Object> headers = response.getHeaders();
  headers.putSingle("Access-Control-Allow-Origin", "*");
  headers.putSingle("Access-Control-Expose-Headers", "Location");
  headers.putSingle("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE");
  headers.putSingle("Access-Control-Allow-Headers",
                    "Content-Type, User-Agent, X-Requested-With, X-Requested-By, Cache-Control");
  headers.putSingle("Access-Control-Allow-Credentials", "true");
}
 
Example 19
Source File: CrossOriginResourceFilter.java    From generator-jvm with MIT License 5 votes vote down vote up
@Override
public void filter(final ContainerRequestContext request, final ContainerResponseContext response) {
  final MultivaluedMap<String, Object> headers = response.getHeaders();
  headers.putSingle("Access-Control-Allow-Origin", "*");
  headers.putSingle("Access-Control-Expose-Headers", "Location");
  headers.putSingle("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE");
  headers.putSingle("Access-Control-Allow-Headers",
                    "Content-Type, User-Agent, X-Requested-With, X-Requested-By, Cache-Control");
  headers.putSingle("Access-Control-Allow-Credentials", "true");
}
 
Example 20
Source File: CORSResponseFilter.java    From wings with Apache License 2.0 5 votes vote down vote up
public void filter(ContainerRequestContext requestContext,
    ContainerResponseContext responseContext) throws IOException {
  
  Config config = new Config();
  PropertyListConfiguration plist = config.getPortalConfiguration(request);
  String clients = plist.getString("clients");
  if(clients != null) {
    MultivaluedMap<String, Object> headers = responseContext.getHeaders();
    headers.add("Access-Control-Allow-Origin", clients);
    headers.add("Access-Control-Allow-Credentials", "true");
    headers.add("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT");
    headers.add("Access-Control-Allow-Headers",
        "X-Requested-With, Content-Type, Content-Encoding, X-HTTP-Method-Override");
  }
}