dhis2-devs team mailing list archive
-
dhis2-devs team
-
Mailing list archive
-
Message #40891
[Branch ~dhis2-devs-core/dhis2/trunk] Rev 20834: CORS filter, fix
------------------------------------------------------------
revno: 20834
committer: Lars Helge Overland <larshelge@xxxxxxxxx>
branch nick: dhis2
timestamp: Wed 2015-10-21 18:02:20 +0200
message:
CORS filter, fix
modified:
dhis-2/dhis-api/src/main/java/org/hisp/dhis/configuration/ConfigurationService.java
dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/configuration/DefaultConfigurationService.java
dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/filter/CorsFilter.java
--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk
Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription
=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/configuration/ConfigurationService.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/configuration/ConfigurationService.java 2015-10-21 11:30:24 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/configuration/ConfigurationService.java 2015-10-21 16:02:20 +0000
@@ -1,7 +1,5 @@
package org.hisp.dhis.configuration;
-import java.util.Set;
-
/*
* Copyright (c) 2004-2015, University of Oslo
* All rights reserved.
@@ -52,9 +50,10 @@
Configuration getConfiguration();
/**
- * Gets the CORS white list inside a transaction.
+ * Indicates whether the given origin is CORS white listed.
*
- * @return the CORS white list.
+ * @param origin the origin.
+ * @return true if the given origin is CORS white listed.
*/
- Set<String> getCorsWhitelist();
+ boolean isCorsWhitelisted( String origin );
}
=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/configuration/DefaultConfigurationService.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/configuration/DefaultConfigurationService.java 2015-10-21 11:33:29 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/configuration/DefaultConfigurationService.java 2015-10-21 16:02:20 +0000
@@ -29,7 +29,6 @@
*/
import java.util.Iterator;
-import java.util.Set;
import org.hisp.dhis.common.GenericStore;
import org.springframework.transaction.annotation.Transactional;
@@ -74,8 +73,8 @@
}
@Override
- public Set<String> getCorsWhitelist()
+ public boolean isCorsWhitelisted( String origin )
{
- return getConfiguration().getCorsWhitelist();
+ return getConfiguration().getCorsWhitelist().contains( origin );
}
}
=== modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/filter/CorsFilter.java'
--- dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/filter/CorsFilter.java 2015-10-21 15:25:55 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/filter/CorsFilter.java 2015-10-21 16:02:20 +0000
@@ -144,7 +144,7 @@
String localUrl = uriBuilder.build().toString();
return !StringUtils.isEmpty( origin ) && ( localUrl.equals( origin ) ||
- configurationService.getCorsWhitelist().contains( origin ) );
+ configurationService.isCorsWhitelisted( origin ) );
}
@Override
