mirror/traccar
1
0
Fork 0
mirror of https://github.com/traccar/traccar.git synced 2026-02-05 21:24:31 -05:00
Code Issues Packages Projects Releases Wiki Activity

Allow multiple origin domains (fix #1526)

Browse Source
This commit is contained in:
Anton Tananaev
2015-11-15 10:31:45 +13:00
parent a79893a680
commit f3db87f0a7
1 changed files with 9 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/org/traccar/web/BaseServlet.java
View File

@@ -53,10 +53,17 @@ public abstract class BaseServlet extends HttpServlet {
try {
resp.setContentType(APPLICATION_JSON);
resp.setCharacterEncoding(CharsetUtil.UTF_8.name());
resp.setHeader(HttpHeaders.Names.ACCESS_CONTROL_ALLOW_ORIGIN,
Context.getConfig().getString("web.origin", ALLOW_ORIGIN_VALUE));
resp.setHeader(HttpHeaders.Names.ACCESS_CONTROL_ALLOW_HEADERS, ALLOW_HEADERS_VALUE);
resp.setHeader(HttpHeaders.Names.ACCESS_CONTROL_ALLOW_METHODS, ALLOW_METHODS_VALUE);
String origin = req.getHeader(HttpHeaders.Names.ORIGIN);
String allowed = Context.getConfig().getString("web.origin");
if (allowed == null) {
resp.setHeader(HttpHeaders.Names.ACCESS_CONTROL_ALLOW_ORIGIN, ALLOW_ORIGIN_VALUE);
} else if (allowed.contains(origin)) {
resp.setHeader(HttpHeaders.Names.ACCESS_CONTROL_ALLOW_ORIGIN, origin);
}
if (!handle(getCommand(req), req, resp)) {
resp.sendError(HttpServletResponse.SC_BAD_REQUEST);
}