public class CorsHttpServer extends HttpServer
HttpServer.Handler, HttpServer.Request, HttpServer.Response
Modifier and Type | Field and Description |
---|---|
private static java.lang.String |
ALLOW_HEADERS_KEY |
private static java.lang.String |
ALLOW_METHOD_KEY |
private static java.lang.String |
ALLOW_ORIGIN_KEY |
private OriginAuthorizer |
authorizer_ |
private static java.util.Set |
extraAddrSet_
Set of permitted InetAddrs along side localhost.
|
static java.lang.String |
EXTRAHOSTS_PROP
System property ("jsamp.web.extrahosts") which can be used to supply host addresses
explicitly permitted to connect via the Web Profile alongside
the local host.
|
private static java.util.logging.Logger |
logger_ |
private static java.lang.String |
ORIGIN_KEY |
private static java.util.regex.Pattern |
ORIGIN_REGEX |
private static java.lang.String |
REQUEST_METHOD_KEY |
HDR_CONTENT_TYPE, STATUS_OK
Constructor and Description |
---|
CorsHttpServer(java.net.ServerSocket socket,
OriginAuthorizer authorizer)
Constructor.
|
Modifier and Type | Method and Description |
---|---|
private static void |
checkOriginList(java.lang.String originTxt)
Checks that the content of an Origin header is syntactically legal.
|
private HttpServer.Response |
createNonLocalErrorResponse(HttpServer.Request request) |
private static java.net.InetAddress[] |
getExtraHostAddresses()
Acquires and returns a list of permitted non-local hosts from the
environment.
|
private boolean |
isAuthorized(java.lang.String originTxt)
Determines whether a given origin is permitted access.
|
private static boolean |
isExtraHost(java.net.InetAddress iaddr)
Indicates whether a given address represents one of the "extra" hosts
permitted to access this server alongside the localhost.
|
boolean |
isPermittedHost(java.net.SocketAddress address)
Indicates whether a network address is known to represent
a host permitted to access this server.
|
HttpServer.Response |
serve(HttpServer.Request request)
Does the work for providing output corresponding to a given HTTP request.
|
private HttpServer.Response |
servePreflightOriginRequest(HttpServer.Request request,
java.lang.String originTxt,
java.lang.String reqMethod)
Does the work for serving pre-flight requests.
|
private HttpServer.Response |
serveSimpleOriginRequest(HttpServer.Request request,
java.lang.String originTxt)
Does the work for serving simple requests which bear an
origin header.
|
addHandler, create405Response, createErrorResponse, createErrorResponse, getBaseUrl, getHeader, getSocket, isRunning, removeHandler, serveRequest, setDaemon, start, stop
private final OriginAuthorizer authorizer_
private static final java.lang.String ORIGIN_KEY
private static final java.lang.String ALLOW_ORIGIN_KEY
private static final java.lang.String REQUEST_METHOD_KEY
private static final java.lang.String ALLOW_METHOD_KEY
private static final java.lang.String ALLOW_HEADERS_KEY
private static final java.util.regex.Pattern ORIGIN_REGEX
private static final java.util.logging.Logger logger_
public static final java.lang.String EXTRAHOSTS_PROP
private static final java.util.Set extraAddrSet_
public CorsHttpServer(java.net.ServerSocket socket, OriginAuthorizer authorizer) throws java.io.IOException
socket
- socket hosting the serviceauthorizer
- defines which domains requests will be
permitted fromjava.io.IOException
public HttpServer.Response serve(HttpServer.Request request)
HttpServer
serve
in class HttpServer
request
- represents an HTTP request that has been receivedprivate HttpServer.Response serveSimpleOriginRequest(HttpServer.Request request, java.lang.String originTxt)
request
- HTTP requestoriginTxt
- content of the Origin headerprivate HttpServer.Response servePreflightOriginRequest(HttpServer.Request request, java.lang.String originTxt, java.lang.String reqMethod)
request
- HTTP requestoriginTxt
- content of the Origin headerreqMethod
- content of the Access-Control-Request-Method headerprivate HttpServer.Response createNonLocalErrorResponse(HttpServer.Request request)
private boolean isAuthorized(java.lang.String originTxt)
originTxt
- content of Origin headerpublic boolean isPermittedHost(java.net.SocketAddress address)
address
- socket addressprivate static java.net.InetAddress[] getExtraHostAddresses()
private static boolean isExtraHost(java.net.InetAddress iaddr)
iaddr
- address of non-local host to testprivate static void checkOriginList(java.lang.String originTxt)
originTxt
- content of Origin headerIllegalArgumentExeption
- if originTxt does not represent
a legal origin or (non-empty) list of origins