List of usage examples for com.google.common.net HttpHeaders ORIGIN
String ORIGIN
To view the source code for com.google.common.net HttpHeaders ORIGIN.
Click Source Link
From source file:org.clitherproject.clither.server.net.WebSocketHandler.java
@Override protected void channelRead0(ChannelHandlerContext ctx, Object req) throws Exception { if (req instanceof FullHttpRequest) { FullHttpRequest request = (FullHttpRequest) req; // ----- Client authenticity check code ----- String origin = request.headers().get(HttpHeaders.ORIGIN); if (origin != null) { switch (origin) { case "http://slither.io": case "https://slither.io": case "http://localhost": case "https://localhost": case "http://127.0.0.1": case "https://127.0.0.1": break; default: ctx.channel().close();//from ww w . j a v a 2 s . c o m return; } } // -----/Client authenticity check code ----- WebSocketServerHandshakerFactory wsFactory = new WebSocketServerHandshakerFactory( "ws://" + request.headers().get(HttpHeaders.HOST) + "/", null, true); handshaker = wsFactory.newHandshaker(request); if (handshaker == null) { WebSocketServerHandshakerFactory.sendUnsupportedVersionResponse(ctx.channel()); } else { handshaker.handshake(ctx.channel(), request); } } else if (req instanceof WebSocketFrame) { WebSocketFrame frame = (WebSocketFrame) req; if (req instanceof CloseWebSocketFrame) { if (handshaker != null) { handshaker.close(ctx.channel(), ((CloseWebSocketFrame) req).retain()); } } else if (req instanceof PingWebSocketFrame) { ctx.channel().write(new PongWebSocketFrame(frame.content().retain())); } else { ctx.fireChannelRead(frame.retain()); } } }
From source file:com.ogarproject.ogar.server.net.WebSocketHandler.java
@Override protected void channelRead0(ChannelHandlerContext ctx, Object req) throws Exception { if (req instanceof FullHttpRequest) { FullHttpRequest request = (FullHttpRequest) req; // ----- Client authenticity check code ----- // !!!!! WARNING !!!!! // THE BELOW SECTION OF CODE CHECKS TO ENSURE THAT CONNECTIONS ARE COMING // FROM THE OFFICIAL AGAR.IO CLIENT. IF YOU REMOVE OR MODIFY THE BELOW // SECTION OF CODE TO ALLOW CONNECTIONS FROM A CLIENT ON A DIFFERENT DOMAIN, // YOU MAY BE COMMITTING COPYRIGHT INFRINGEMENT AND LEGAL ACTION MAY BE TAKEN // AGAINST YOU. THIS SECTION OF CODE WAS ADDED ON JULY 9, 2015 AT THE REQUEST // OF THE AGAR.IO DEVELOPERS. String origin = request.headers().get(HttpHeaders.ORIGIN); if (origin != null) { switch (origin) { case "http://agar.io": case "https://agar.io": case "http://localhost": case "https://localhost": case "http://127.0.0.1": case "https://127.0.0.1": break; default: ctx.channel().close();/*from w ww. ja va2s . c o m*/ return; } } // -----/Client authenticity check code ----- WebSocketServerHandshakerFactory wsFactory = new WebSocketServerHandshakerFactory( "ws://" + request.headers().get(HttpHeaders.HOST) + "/", null, true); handshaker = wsFactory.newHandshaker(request); if (handshaker == null) { WebSocketServerHandshakerFactory.sendUnsupportedVersionResponse(ctx.channel()); } else { handshaker.handshake(ctx.channel(), request); } } else if (req instanceof WebSocketFrame) { WebSocketFrame frame = (WebSocketFrame) req; if (req instanceof CloseWebSocketFrame) { if (handshaker != null) { handshaker.close(ctx.channel(), ((CloseWebSocketFrame) req).retain()); } } else if (req instanceof PingWebSocketFrame) { ctx.channel().write(new PongWebSocketFrame(frame.content().retain())); } else { ctx.fireChannelRead(frame.retain()); } } }
From source file:ru.calypso.ogar.server.net.WebSocketHandler.java
@Override protected void channelRead0(ChannelHandlerContext ctx, Object req) throws Exception { if (req instanceof FullHttpRequest) { FullHttpRequest request = (FullHttpRequest) req; // ----- Client authenticity check code ----- // !!!!! WARNING !!!!! // THE BELOW SECTION OF CODE CHECKS TO ENSURE THAT CONNECTIONS ARE COMING // FROM THE OFFICIAL AGAR.IO CLIENT. IF YOU REMOVE OR MODIFY THE BELOW // SECTION OF CODE TO ALLOW CONNECTIONS FROM A CLIENT ON A DIFFERENT DOMAIN, // YOU MAY BE COMMITTING COPYRIGHT INFRINGEMENT AND LEGAL ACTION MAY BE TAKEN // AGAINST YOU. THIS SECTION OF CODE WAS ADDED ON JULY 9, 2015 AT THE REQUEST // OF THE AGAR.IO DEVELOPERS. String origin = request.headers().get(HttpHeaders.ORIGIN); switch (origin) { // TODO move to config case "http://agar.io": case "https://agar.io": case "http://localhost": case "https://localhost": case "http://127.0.0.1": case "https://127.0.0.1": case "http://ogar.pp.ua": break; default://from w w w .j a v a 2s .c om _log.info(String.format("User kicked by invalid origin! IP %s, ORIGIN %s", ctx.channel().remoteAddress(), origin)); ctx.channel().close(); return; } // -----/Client authenticity check code ----- WebSocketServerHandshakerFactory wsFactory = new WebSocketServerHandshakerFactory( "ws://" + request.headers().get(HttpHeaders.HOST) + "/", null, true); handshaker = wsFactory.newHandshaker(request); if (handshaker == null) { WebSocketServerHandshakerFactory.sendUnsupportedWebSocketVersionResponse(ctx.channel()); } else { handshaker.handshake(ctx.channel(), request); } } else if (req instanceof WebSocketFrame) { WebSocketFrame frame = (WebSocketFrame) req; if (req instanceof CloseWebSocketFrame) { if (handshaker != null) { handshaker.close(ctx.channel(), ((CloseWebSocketFrame) req).retain()); } } else if (req instanceof PingWebSocketFrame) { ctx.channel().write(new PongWebSocketFrame(frame.content().retain())); } else { ctx.fireChannelRead(frame.retain()); } } }
From source file:org.killbill.billing.server.filters.ResponseCorsFilter.java
@Override public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain chain) throws IOException, ServletException { final HttpServletResponse res = (HttpServletResponse) response; final HttpServletRequest req = (HttpServletRequest) request; final String origin = MoreObjects.firstNonNull(req.getHeader(HttpHeaders.ORIGIN), "*"); res.addHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, origin); res.addHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, "GET, POST, DELETE, PUT, OPTIONS"); res.addHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, allowedHeaders); res.addHeader(HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS, allowedHeaders); res.addHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true"); chain.doFilter(request, response);/*from w ww. j a v a 2 s .c om*/ }