List of usage examples for org.apache.wicket.request.http WebResponse setHeader
public abstract void setHeader(String name, String value);
From source file:au.org.theark.web.pages.home.BasePage.java
License:Open Source License
protected void configureResponse(final org.apache.wicket.request.http.WebResponse webResponse) { super.configureResponse(webResponse); webResponse.setHeader("Cache-Control", "no-cache, max-age=0,must-revalidate, no-store"); webResponse.setHeader("Expires", "-1"); webResponse.setHeader("Pragma", "no-cache"); }
From source file:au.org.theark.web.pages.login.AAFLoginPage.java
License:Open Source License
@Override protected void configureResponse(final org.apache.wicket.request.http.WebResponse webResponse) { super.configureResponse((org.apache.wicket.request.http.WebResponse) RequestCycle.get().getResponse()); org.apache.wicket.request.http.WebResponse response = (org.apache.wicket.request.http.WebResponse) RequestCycle .get().getResponse();/*from w w w. jav a2 s . c om*/ response.setHeader("Cache-Control", "no-cache, max-age=0,must-revalidate, no-store"); response.setHeader("Expires", "-1"); response.setHeader("Pragma", "no-cache"); }
From source file:com.comcast.cdn.traffic_control.traffic_monitor.publish.JsonPage.java
License:Apache License
/** * Send out the json!!!!// w w w. j a v a 2s .c o m */ @Override public final void renderPage() { final MonitorConfig config = ConfigHandler.getConfig(); final WebResponse response = (WebResponse) super.getResponse(); response.setHeader("Access-Control-Allow-Origin", config.getAccessControlAllowOrigin()); try { final JSONObject jo = getJson(getPageParameters()); if (jo == null) { response.sendError(503, "Not ready"); return; } response.write(jo.toString(2)); } catch (JSONException e) { LOGGER.warn(e, e); } }
From source file:com.gitblit.wicket.pages.BasePage.java
License:Apache License
@Override protected void setHeaders(WebResponse response) { // set canonical link as http header for SEO (issue-304) // https://support.google.com/webmasters/answer/139394?hl=en response.setHeader("Link", MessageFormat.format("<{0}>; rel=\"canonical\"", getCanonicalUrl())); int expires = app().settings().getInteger(Keys.web.pageCacheExpires, 0); if (expires > 0) { // pages are personalized for the authenticated user so they must be // marked private to prohibit proxy servers from caching them response.setHeader("Cache-Control", "private, must-revalidate"); setLastModified();/*from w w w . j a v a 2s . c o m*/ } else { // use default Wicket caching behavior super.setHeaders(response); } // XRF vulnerability. issue-500 / ticket-166 response.setHeader("X-Frame-Options", "SAMEORIGIN"); }
From source file:com.gitblit.wicket.pages.RawPage.java
License:Apache License
public RawPage(final PageParameters params) { super(params); if (params.get("r").isEmpty()) { error(getString("gb.repositoryNotSpecified")); redirectToInterceptPage(new RepositoriesPage()); }/*from w w w .j a va 2s. com*/ getRequestCycle().scheduleRequestHandlerAfterCurrent(new IRequestHandler() { @Override public void respond(IRequestCycle requestCycle) { WebResponse response = (WebResponse) requestCycle.getResponse(); final String repositoryName = WicketUtils.getRepositoryName(params); final String objectId = WicketUtils.getObject(params); final String blobPath = WicketUtils.getPath(params); String[] encodings = getEncodings(); GitBlitWebSession session = GitBlitWebSession.get(); UserModel user = session.getUser(); RepositoryModel model = app().repositories().getRepositoryModel(user, repositoryName); if (model == null) { // user does not have permission error(getString("gb.canNotLoadRepository") + " " + repositoryName); redirectToInterceptPage(new RepositoriesPage()); return; } Repository r = app().repositories().getRepository(repositoryName); if (r == null) { error(getString("gb.canNotLoadRepository") + " " + repositoryName); redirectToInterceptPage(new RepositoriesPage()); return; } if (StringUtils.isEmpty(blobPath)) { // objectid referenced raw view byte[] binary = JGitUtils.getByteContent(r, objectId); if (binary == null) { final String objectNotFound = MessageFormat .format("Raw page failed to find object {0} in {1}", objectId, repositoryName); logger.error(objectNotFound); throw new AbortWithHttpErrorCodeException(HttpServletResponse.SC_NOT_FOUND, objectNotFound); } contentType = "application/octet-stream"; response.setContentType(contentType); response.setContentLength(binary.length); try { response.getOutputStream().write(binary); } catch (Exception e) { logger.error("Failed to write binary response", e); } } else { // standard raw blob view RevCommit commit = JGitUtils.getCommit(r, objectId); if (commit == null) { final String commitNotFound = MessageFormat .format("Raw page failed to find commit {0} in {1}", objectId, repositoryName); logger.error(commitNotFound); throw new AbortWithHttpErrorCodeException(HttpServletResponse.SC_NOT_FOUND, commitNotFound); } String filename = blobPath; if (blobPath.indexOf('/') > -1) { filename = blobPath.substring(blobPath.lastIndexOf('/') + 1); } String extension = null; if (blobPath.lastIndexOf('.') > -1) { extension = blobPath.substring(blobPath.lastIndexOf('.') + 1); } // Map the extensions to types Map<String, Integer> map = new HashMap<String, Integer>(); for (String ext : app().settings().getStrings(Keys.web.imageExtensions)) { map.put(ext.toLowerCase(), 2); } for (String ext : app().settings().getStrings(Keys.web.binaryExtensions)) { map.put(ext.toLowerCase(), 3); } final String blobNotFound = MessageFormat.format( "Raw page failed to find blob {0} in {1} @ {2}", blobPath, repositoryName, objectId); if (extension != null) { int type = 0; if (map.containsKey(extension)) { type = map.get(extension); } switch (type) { case 2: // image blobs byte[] image = JGitUtils.getByteContent(r, commit.getTree(), blobPath, true); if (image == null) { logger.error(blobNotFound); throw new AbortWithHttpErrorCodeException(HttpServletResponse.SC_NOT_FOUND, blobNotFound); } contentType = "image/" + extension.toLowerCase(); response.setContentType(contentType); response.setContentLength(image.length); try { response.getOutputStream().write(image); } catch (IOException e) { logger.error("Failed to write image response", e); } break; case 3: // binary blobs (download) byte[] binary = JGitUtils.getByteContent(r, commit.getTree(), blobPath, true); if (binary == null) { logger.error(blobNotFound); throw new AbortWithHttpErrorCodeException(HttpServletResponse.SC_NOT_FOUND, blobNotFound); } contentType = "application/octet-stream"; response.setContentLength(binary.length); response.setContentType(contentType); try { String userAgent = GitBlitRequestUtils.getServletRequest().getHeader("User-Agent"); if (userAgent != null && userAgent.indexOf("MSIE 5.5") > -1) { response.setHeader("Content-Disposition", "filename=\"" + URLEncoder.encode(filename, Constants.ENCODING) + "\""); } else if (userAgent != null && userAgent.indexOf("MSIE") > -1) { response.setHeader("Content-Disposition", "attachment; filename=\"" + URLEncoder.encode(filename, Constants.ENCODING) + "\""); } else { response.setHeader("Content-Disposition", "attachment; filename=\"" + new String(filename.getBytes(Constants.ENCODING), "latin1") + "\""); } } catch (UnsupportedEncodingException e) { response.setHeader("Content-Disposition", "attachment; filename=\"" + filename + "\""); } try { response.getOutputStream().write(binary); } catch (IOException e) { logger.error("Failed to write binary response", e); } break; default: // plain text String content = JGitUtils.getStringContent(r, commit.getTree(), blobPath, encodings); if (content == null) { logger.error(blobNotFound); throw new AbortWithHttpErrorCodeException(HttpServletResponse.SC_NOT_FOUND, blobNotFound); } contentType = "text/plain; charset=UTF-8"; response.setContentType(contentType); try { response.getOutputStream().write(content.getBytes("UTF-8")); } catch (Exception e) { logger.error("Failed to write text response", e); } } } else { // plain text String content = JGitUtils.getStringContent(r, commit.getTree(), blobPath, encodings); if (content == null) { logger.error(blobNotFound); throw new AbortWithHttpErrorCodeException(HttpServletResponse.SC_NOT_FOUND, blobNotFound); } contentType = "text/plain; charset=UTF-8"; response.setContentType(contentType); try { response.getOutputStream().write(content.getBytes("UTF-8")); } catch (Exception e) { logger.error("Failed to write text response", e); } } } r.close(); } @Override public void detach(IRequestCycle requestCycle) { // TODO Auto-generated method stub } }); }
From source file:com.modusoperandi.dragonfly.widgets.choropleth.ChoroplethWidgetPage.java
License:Open Source License
protected @Override void setHeaders(final org.apache.wicket.request.http.WebResponse response) { super.setHeaders(response); response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate"); // HTTP 1.1. response.setHeader("Pragma", "no-cache"); // HTTP 1.0. response.setDateHeader("Expires", Time.START_OF_UNIX_TIME); // Proxies. }
From source file:cz.zcu.kiv.eegdatabase.wui.components.page.BasePage.java
License:Apache License
@Override protected void setHeaders(WebResponse response) { super.setHeaders(response); // Protection against ClickJacking, prevents the page from being rendered in an iframe element response.setHeader("X-Frame-Options", "deny"); }
From source file:de.alpharogroup.wicket.base.util.WicketComponentExtensions.java
License:Apache License
/** * Sets the security headers for the category access control. * * Note: Set this header only if you know what your doing. This header refers to a policy file. * Specifying how resources should be allowed to be loaded from a different domain. The value * 'master only' indicates that only the file specified should be considered valid on this * domain./*from www. j av a 2 s.c o m*/ * * @param response * the response to set the header. */ public static void setSecurityAccessControlHeader(final WebResponse response) { response.setHeader("X-Permitted-Cross-Domain-Policies", "master-only"); }
From source file:de.alpharogroup.wicket.base.util.WicketComponentExtensions.java
License:Apache License
/** * Sets the security headers for the category Caching. * * @param response//from ww w . j a v a 2s . c o m * the response to set the security headers */ public static void setSecurityCachingHeaders(final WebResponse response) { // Category: Caching response.setHeader("Cache-Control", "must-revalidate;"); response.setHeader("Pragma", "no-cache"); response.setHeader("Expires", "-1"); }
From source file:de.alpharogroup.wicket.base.util.WicketComponentExtensions.java
License:Apache License
/** * Sets the security headers for the category Content. * * @param response//from w ww . ja va 2 s. c o m * the response to set the security headers */ public static void setSecurityContentHeaders(final WebResponse response) { // Category: Content response.setHeader("X-Content-Type-Options", "nosniff"); response.setHeader("Content-Type", "text/html;charset=utf-8"); }