Package sk.iway.iwcm

Class PathFilter

java.lang.Object

sk.iway.iwcm.PathFilter

All Implemented Interfaces:

javax.servlet.Filter

public class PathFilter
extends Object
implements javax.servlet.Filter

Filter premapovava volania na virtualne adresare a stranky do volani na spravne docid

Field Summary

Fields

Modifier and Type	Field	Description
static final String	REQUEST_START_TIME

Constructor Summary

Constructors

Constructor	Description
PathFilter()

Method Summary

Modifier and Type	Method	Description
static boolean	bypassPath(String path, javax.servlet.ServletRequest servletRequest)
static boolean	checkAdmin(javax.servlet.http.HttpServletRequest request)	Skontroluje, ci je mozne pristupit k admin casti
static boolean	checkWebAccess(javax.servlet.http.HttpServletRequest request, String path)	Skontroluje, ci je mozne pristupit k verejnej casti webu, nie admin casti
void	destroy()	Take this filter out of service.
static boolean	doFileForbiddenRedirect(EditForm ef, Identity user, String originalPath, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse res)	Vykona redirect (ak treba) na zobrazenie logon stranky / zamietnutia pristupu k suboru (/files/*), vrati true, ak bol redirect vykonany
void	doFilter(javax.servlet.ServletRequest servletRequest, javax.servlet.ServletResponse servletResponse, javax.servlet.FilterChain chain)	Select and set (if specified) the character encoding to be used to interpret request parameters for this request.
static boolean	forwardToMobileOrTablet(String jspFileName, javax.servlet.jsp.PageContext context)	Ak existuje _mobile.jsp verzia zadaneho JSP vykona nan interny forward a vrati true pre ukoncenie povodneho JSP, nieco ako: if (PathFilter.forwardToMobileOrTablet("/components/magzilla/new_bug_popup.jsp", pageContext)) return;
static String	getCustomPath()
static String	getCustomPathRealPath(String url)	Vrati REAL PATH pre zadane URL aj s detekciou Custom Path (pouzitelne len pre staticke subory)
static String	getHttpsRedirectUrl(javax.servlet.http.HttpServletRequest request)	Vrati URL adresu pre httpS presmerovanie
static String	getOrigPath(javax.servlet.http.HttpServletRequest request)
static String	getOrigPathDocId(javax.servlet.http.HttpServletRequest request)	Vrati adresu povodnej stranky, v pripade DOCID liniek vratane parametra docid
static String	getOrigPathUpload(javax.servlet.http.HttpServletRequest request)	Vrati adresu povodnej stranky, v pripade DOCID liniek vratane docid s pridanym parametrom pre uload suboru pre stripes (aby to Stripes spracoval)
static String	getRealPath(String url)	Vrati cestu k suboru na disku z daneho URL, berie do uvahy aj custom path
void	init(javax.servlet.FilterConfig filterConfig)	Inicializacia servletu
static boolean	isForceDownload(String fileName)
static boolean	isNoCacheCookieRequired(javax.servlet.http.HttpServletRequest request)	Overi, ci je mozne pouzit nginx proxy rezim (konstanta nginxProxyMode), ak je povoleny, overuje este: prihlaseneho pouzivatela (rezim nedostupny) prepnutie verzie cez forceBrowserDetector (ak je ina verzia ako pc nedostupne)
static EditForm	isPasswordProtected(String url, javax.servlet.http.HttpServletRequest request)	Skontroluje, ci zadane URL je v protected zone
static EditForm	isPasswordProtected(String url, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpSession session)	Skontroluje prava k danemu URL (suboru)
static void	prepareTemplates()
static void	registerDynamicForward(String name, DynamicForward dynamicForward)
static void	reloadProtectedDirs()	Nacita z databazy zoznam adresarov, v ktorych su chranene subory
static void	resetBlockedPaths()
static void	resetCacheStaticContentSeconds()
static void	resetResponseHeaders()
static void	setAccessControlAllowOrigin(String url, javax.servlet.http.HttpServletResponse response)	Nastavenie hlavicky Access-Control-Allow-Origin
static void	setCacheHeaders(int myCacheStaticContentSeconds, javax.servlet.http.HttpServletResponse response)	Nastavi cache hlavicky na pozadovanu hodnotu v sekundach
static void	setDownloadHeaders(String path, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)	Nastavi HTTP hlavicku Content-Disposition na hdonotu attachment;filename=abc pre subory v adresaroch /files a /images ktore maju priponu definovanu v konf.
static void	setFeaturePolicy(javax.servlet.http.HttpServletResponse response)	Nastavi hlavicku Feature-Policy podla konfiguracnej premennej featurePolicyHeader
static void	setHeader(javax.servlet.http.HttpServletResponse response, String headerName, String constantName)	Nastavi HTTP hlavicku podla nazvu konfiguracnej premennej
static void	setNginxProxyMode(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)	Pouziva sa v spojeni s nginx cache proxy serverom, nastavuje cookie s nazvom nc ktora nasledne v dalsich http requestoch od klienta zamedzi posielaniu cache vysledkov (ak je nastavena na hodnotu 1)
static boolean	setStaticContentHeaders(String path, Identity user, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)	Nastavi cache hlavicky podla konf.
static void	setUaCompatibleAdmin(String path, javax.servlet.http.HttpServletResponse response)
static void	setXRobotsTagValue(String url, javax.servlet.http.HttpServletResponse response)	Nastavenie hlavicky X-Robots-Tag, viz https://developers.google.com/webmasters/control-crawl-index/docs/robots_meta_tag
static void	unregisterDynamicForward(String name)
static boolean	writeAndCacheFile(String url, javax.servlet.http.HttpServletResponse response)	Cache pre staticke subory, cachuju sa len subory pre ktore sa nastavuje setStaticContentHeaders

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

REQUEST_START_TIME

public static final String REQUEST_START_TIME

See Also:

• Constant Field Values

Constructor Details

PathFilter

public PathFilter()

Method Details

init

public void init(javax.servlet.FilterConfig filterConfig)
          throws javax.servlet.ServletException

Inicializacia servletu

Specified by:

init in interface javax.servlet.Filter

Throws:

javax.servlet.ServletException

registerDynamicForward

public static void registerDynamicForward(String name,
 DynamicForward dynamicForward)

unregisterDynamicForward

public static void unregisterDynamicForward(String name)

prepareTemplates

public static void prepareTemplates()

getCustomPath

public static String getCustomPath()

getCustomPathRealPath

public static String getCustomPathRealPath(String url)

Vrati REAL PATH pre zadane URL aj s detekciou Custom Path (pouzitelne len pre staticke subory)

Parameters:

url -

Returns:

destroy

public void destroy()

Take this filter out of service.

Specified by:

destroy in interface javax.servlet.Filter

doFilter

public void doFilter(javax.servlet.ServletRequest servletRequest,
 javax.servlet.ServletResponse servletResponse,
 javax.servlet.FilterChain chain)
              throws IOException,
javax.servlet.ServletException

Select and set (if specified) the character encoding to be used to interpret request parameters for this request.

Specified by:

doFilter in interface javax.servlet.Filter

Parameters:

chain - The filter chain we are processing

Throws:

IOException - if an input/output error occurs

javax.servlet.ServletException - if a servlet error occurs

checkWebAccess

public static boolean checkWebAccess(javax.servlet.http.HttpServletRequest request,
 String path)

Skontroluje, ci je mozne pristupit k verejnej casti webu, nie admin casti

Parameters:

request -

Returns:

checkAdmin

public static boolean checkAdmin(javax.servlet.http.HttpServletRequest request)

Skontroluje, ci je mozne pristupit k admin casti

Parameters:

request -

Returns:

reloadProtectedDirs

public static void reloadProtectedDirs()

Nacita z databazy zoznam adresarov, v ktorych su chranene subory

isPasswordProtected

public static EditForm isPasswordProtected(String url,
 javax.servlet.http.HttpServletRequest request)

Skontroluje, ci zadane URL je v protected zone

Parameters:

url -

Returns:

EditForm ak je chranene, alebo null

isPasswordProtected

public static EditForm isPasswordProtected(String url,
 javax.servlet.http.HttpServletRequest request,
 javax.servlet.http.HttpSession session)

Skontroluje prava k danemu URL (suboru)

Parameters:

url - - url adresa suboru z adresara /files

request - - ak nie je null prida sa aj statistika videni (ak statistiku nechceme zaratat nastavime len session)

session - - session z ktorej sa ziska identita pouzivatela

Returns:

doFileForbiddenRedirect

public static boolean doFileForbiddenRedirect(EditForm ef,
 Identity user,
 String originalPath,
 javax.servlet.http.HttpServletRequest req,
 javax.servlet.http.HttpServletResponse res)
                                       throws IOException,
javax.servlet.ServletException

Vykona redirect (ak treba) na zobrazenie logon stranky / zamietnutia pristupu k suboru (/files/*), vrati true, ak bol redirect vykonany

Parameters:

ef -

user -

originalPath -

req -

res -

Returns:

true ak je redirect vykonany, inak false

Throws:

IOException

javax.servlet.ServletException

getRealPath

public static String getRealPath(String url)

Vrati cestu k suboru na disku z daneho URL, berie do uvahy aj custom path

Parameters:

url - - url adresa suboru, napr. /css/page.css

Returns:

- vrati cestu na disku, napr. /var/webapps/webjet/css/page.css

getOrigPath

public static String getOrigPath(javax.servlet.http.HttpServletRequest request)

getOrigPathDocId

public static String getOrigPathDocId(javax.servlet.http.HttpServletRequest request)

Vrati adresu povodnej stranky, v pripade DOCID liniek vratane parametra docid

Parameters:

request -

Returns:

getOrigPathUpload

public static String getOrigPathUpload(javax.servlet.http.HttpServletRequest request)

Vrati adresu povodnej stranky, v pripade DOCID liniek vratane docid s pridanym parametrom pre uload suboru pre stripes (aby to Stripes spracoval)

Parameters:

request -

Returns:

bypassPath

public static boolean bypassPath(String path,
 javax.servlet.ServletRequest servletRequest)

setStaticContentHeaders

public static boolean setStaticContentHeaders(String path,
 Identity user,
 javax.servlet.http.HttpServletRequest request,
 javax.servlet.http.HttpServletResponse response)

Nastavi cache hlavicky podla konf. premennej cacheStaticContentSeconds a cacheStaticContentSuffixes

Parameters:

path -

user -

request -

response -

Returns:

setDownloadHeaders

public static void setDownloadHeaders(String path,
 javax.servlet.http.HttpServletRequest request,
 javax.servlet.http.HttpServletResponse response)

Nastavi HTTP hlavicku Content-Disposition na hdonotu attachment;filename=abc pre subory v adresaroch /files a /images ktore maju priponu definovanu v konf. premennej forceDownloadSuffixes Umozni to vyvolat download dialog napr. pre pdf subory namiesto ich zobrazenia v prehliadaci

Parameters:

path -

request -

response -

isForceDownload

public static boolean isForceDownload(String fileName)

setCacheHeaders

public static void setCacheHeaders(int myCacheStaticContentSeconds,
 javax.servlet.http.HttpServletResponse response)

Nastavi cache hlavicky na pozadovanu hodnotu v sekundach

Parameters:

myCacheStaticContentSeconds -

response -

writeAndCacheFile

public static boolean writeAndCacheFile(String url,
 javax.servlet.http.HttpServletResponse response)

Cache pre staticke subory, cachuju sa len subory pre ktore sa nastavuje setStaticContentHeaders

Parameters:

url -

Returns:

setXRobotsTagValue

public static void setXRobotsTagValue(String url,
 javax.servlet.http.HttpServletResponse response)

Nastavenie hlavicky X-Robots-Tag, viz https://developers.google.com/webmasters/control-crawl-index/docs/robots_meta_tag

Parameters:

url -

response -

setUaCompatibleAdmin

public static void setUaCompatibleAdmin(String path,
 javax.servlet.http.HttpServletResponse response)

setFeaturePolicy

public static void setFeaturePolicy(javax.servlet.http.HttpServletResponse response)

Nastavi hlavicku Feature-Policy podla konfiguracnej premennej featurePolicyHeader

Parameters:

response -

setAccessControlAllowOrigin

public static void setAccessControlAllowOrigin(String url,
 javax.servlet.http.HttpServletResponse response)

Nastavenie hlavicky Access-Control-Allow-Origin

Parameters:

url -

response -

setHeader

public static void setHeader(javax.servlet.http.HttpServletResponse response,
 String headerName,
 String constantName)

Nastavi HTTP hlavicku podla nazvu konfiguracnej premennej

Parameters:

response -

headerName - - meno HTTP hlavicky

constantName - - meno konfiguracnej premennej

forwardToMobileOrTablet

public static boolean forwardToMobileOrTablet(String jspFileName,
 javax.servlet.jsp.PageContext context)

Ak existuje _mobile.jsp verzia zadaneho JSP vykona nan interny forward a vrati true pre ukoncenie povodneho JSP, nieco ako: if (PathFilter.forwardToMobileOrTablet("/components/magzilla/new_bug_popup.jsp", pageContext)) return;

Parameters:

jspFileName -

context -

Returns:

setNginxProxyMode

public static void setNginxProxyMode(javax.servlet.http.HttpServletRequest request,
 javax.servlet.http.HttpServletResponse response)

Pouziva sa v spojeni s nginx cache proxy serverom, nastavuje cookie s nazvom nc ktora nasledne v dalsich http requestoch od klienta zamedzi posielaniu cache vysledkov (ak je nastavena na hodnotu 1)

Parameters:

request -

response -

isNoCacheCookieRequired

public static boolean isNoCacheCookieRequired(javax.servlet.http.HttpServletRequest request)

Overi, ci je mozne pouzit nginx proxy rezim (konstanta nginxProxyMode), ak je povoleny, overuje este: prihlaseneho pouzivatela (rezim nedostupny) prepnutie verzie cez forceBrowserDetector (ak je ina verzia ako pc nedostupne)

Parameters:

request -

Returns:

getHttpsRedirectUrl

public static String getHttpsRedirectUrl(javax.servlet.http.HttpServletRequest request)

Vrati URL adresu pre httpS presmerovanie

Parameters:

request -

Returns:

resetResponseHeaders

public static void resetResponseHeaders()

resetCacheStaticContentSeconds

public static void resetCacheStaticContentSeconds()

resetBlockedPaths

public static void resetBlockedPaths()