import java.io.IOException;
import java.io.PrintWriter;
+import java.net.MalformedURLException;
+import java.net.URL;
import java.security.PrivilegedExceptionAction;
import java.security.cert.X509Certificate;
import java.util.Calendar;
+import java.util.Collection;
import java.util.Enumeration;
import javax.jcr.Node;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.argeo.cms.CmsException;
-import org.argeo.cms.util.CmsUtils;
-import org.argeo.jcr.ArgeoJcrConstants;
import org.argeo.jcr.JcrUtils;
-import org.eclipse.equinox.http.servlet.ExtendedHttpService;
+import org.argeo.node.NodeConstants;
+import org.argeo.node.NodeUtils;
+import org.osgi.framework.BundleContext;
+import org.osgi.framework.ServiceReference;
+import org.osgi.service.http.HttpService;
/**
* Intercepts and enriches http access, mainly focusing on security and
* transactionality.
*/
-class NodeHttp implements KernelConstants, ArgeoJcrConstants {
+class NodeHttp implements KernelConstants {
private final static Log log = LogFactory.getLog(NodeHttp.class);
// Filters
// private final DoSFilter dosFilter;
// private final QoSFilter qosFilter;
- private Repository repository;
+ private BundleContext bc;
- NodeHttp(ExtendedHttpService httpService, Repository node) {
- this.repository = node;
+ NodeHttp(HttpService httpService, BundleContext bc) {
+ this.bc = bc;
// rootFilter = new RootFilter();
// dosFilter = new CustomDosFilter();
// qosFilter = new QoSFilter();
try {
- httpService.registerServlet("/!", new LinkServlet(repository),
- null, null);
- httpService.registerServlet("/robots.txt", new RobotServlet(),
- null, null);
+ httpService.registerServlet("/!", new LinkServlet(), null, null);
+ httpService.registerServlet("/robots.txt", new RobotServlet(), null, null);
} catch (Exception e) {
throw new CmsException("Cannot register filters", e);
}
public void destroy() {
}
- static class LinkServlet extends HttpServlet {
+ class LinkServlet extends HttpServlet {
private static final long serialVersionUID = 3749990143146845708L;
- private final Repository repository;
-
- public LinkServlet(Repository repository) {
- this.repository = repository;
- }
@Override
- protected void service(HttpServletRequest request,
- HttpServletResponse response) throws ServletException,
- IOException {
+ protected void service(HttpServletRequest request, HttpServletResponse response)
+ throws ServletException, IOException {
String path = request.getPathInfo();
String userAgent = request.getHeader("User-Agent").toLowerCase();
boolean isBot = false;
boolean isCompatibleBrowser = false;
- if (userAgent.contains("bot") || userAgent.contains("facebook")
- || userAgent.contains("twitter")) {
+ if (userAgent.contains("bot") || userAgent.contains("facebook") || userAgent.contains("twitter")) {
isBot = true;
- } else if (userAgent.contains("webkit")
- || userAgent.contains("gecko")
- || userAgent.contains("firefox")
- || userAgent.contains("msie")
- || userAgent.contains("chrome")
- || userAgent.contains("chromium")
- || userAgent.contains("opera")
- || userAgent.contains("browser")) {
+ } else if (userAgent.contains("webkit") || userAgent.contains("gecko") || userAgent.contains("firefox")
+ || userAgent.contains("msie") || userAgent.contains("chrome") || userAgent.contains("chromium")
+ || userAgent.contains("opera") || userAgent.contains("browser")) {
isCompatibleBrowser = true;
}
// }
/** For bots which don't understand RWT. */
- private void canonicalAnswer(HttpServletRequest request,
- HttpServletResponse response, String path) {
+ private void canonicalAnswer(HttpServletRequest request, HttpServletResponse response, String path) {
Session session = null;
try {
PrintWriter writer = response.getWriter();
- session = Subject.doAs(KernelUtils.anonymousLogin(),
- new PrivilegedExceptionAction<Session>() {
-
- @Override
- public Session run() throws Exception {
- return repository.login();
- }
+ session = Subject.doAs(KernelUtils.anonymousLogin(), new PrivilegedExceptionAction<Session>() {
+
+ @Override
+ public Session run() throws Exception {
+ Collection<ServiceReference<Repository>> srs = bc.getServiceReferences(Repository.class,
+ "(" + NodeConstants.CN + "=" + NodeConstants.NODE + ")");
+ Repository repository = bc.getService(srs.iterator().next());
+ return repository.login();
+ }
- });
+ });
Node node = session.getNode(path);
- String title = node.hasProperty(JCR_TITLE) ? node.getProperty(
- JCR_TITLE).getString() : node.getName();
- String desc = node.hasProperty(JCR_DESCRIPTION) ? node
- .getProperty(JCR_DESCRIPTION).getString() : null;
- Calendar lastUpdate = node.hasProperty(JCR_LAST_MODIFIED) ? node
- .getProperty(JCR_LAST_MODIFIED).getDate() : null;
- String url = CmsUtils.getCanonicalUrl(node, request);
+ String title = node.hasProperty(JCR_TITLE) ? node.getProperty(JCR_TITLE).getString() : node.getName();
+ String desc = node.hasProperty(JCR_DESCRIPTION) ? node.getProperty(JCR_DESCRIPTION).getString() : null;
+ Calendar lastUpdate = node.hasProperty(JCR_LAST_MODIFIED)
+ ? node.getProperty(JCR_LAST_MODIFIED).getDate() : null;
+ String url = getCanonicalUrl(node, request);
String imgUrl = null;
loop: for (NodeIterator it = node.getNodes(); it.hasNext();) {
// Takes the first found cms:image
Node child = it.nextNode();
- if (child.isNodeType(CMS_IMAGE)){
- imgUrl = CmsUtils.getDataUrl(child, request);
+ if (child.isNodeType(CMS_IMAGE)) {
+ imgUrl = getDataUrl(child, request);
break loop;
}
}
StringBuilder buf = new StringBuilder();
buf.append("<html>");
buf.append("<head>");
- writeMeta(buf, "og:title", title);
+ writeMeta(buf, "og:title", escapeHTML(title));
writeMeta(buf, "og:type", "website");
buf.append("<meta name='twitter:card' content='summary' />");
buf.append("<meta name='twitter:site' content='@argeo_org' />");
writeMeta(buf, "og:url", url);
if (desc != null)
- writeMeta(buf, "og:description", desc);
+ writeMeta(buf, "og:description", escapeHTML(desc));
if (imgUrl != null)
writeMeta(buf, "og:image", imgUrl);
if (lastUpdate != null)
- writeMeta(buf, "og:updated_time",
- Long.toString(lastUpdate.getTime().getTime()));
+ writeMeta(buf, "og:updated_time", Long.toString(lastUpdate.getTime().getTime()));
buf.append("</head>");
buf.append("<body>");
buf.append(
- "<p><b>!! This page is meant for indexing robots, not for real people,"
- + " visit <a href='/#").append(path)
- .append("'>").append(title)
- .append("</a> instead.</b></p>");
+ "<p><b>!! This page is meant for indexing robots, not for real people," + " visit <a href='/#")
+ .append(path).append("'>").append(escapeHTML(title)).append("</a> instead.</b></p>");
writeCanonical(buf, node);
buf.append("</body>");
buf.append("</html>");
}
}
+ /**
+ * From
+ * http://stackoverflow.com/questions/1265282/recommended-method-for-
+ * escaping-html-in-java (+ escaping '). TODO Use
+ * org.apache.commons.lang.StringEscapeUtils
+ */
+ private String escapeHTML(String s) {
+ StringBuilder out = new StringBuilder(Math.max(16, s.length()));
+ for (int i = 0; i < s.length(); i++) {
+ char c = s.charAt(i);
+ if (c > 127 || c == '\'' || c == '"' || c == '<' || c == '>' || c == '&') {
+ out.append("&#");
+ out.append((int) c);
+ out.append(';');
+ } else {
+ out.append(c);
+ }
+ }
+ return out.toString();
+ }
+
private void writeMeta(StringBuilder buf, String tag, String value) {
- buf.append("<meta property='").append(tag).append("' content='")
- .append(value).append("'/>");
+ buf.append("<meta property='").append(tag).append("' content='").append(value).append("'/>");
}
- private void writeCanonical(StringBuilder buf, Node node)
- throws RepositoryException {
+ private void writeCanonical(StringBuilder buf, Node node) throws RepositoryException {
buf.append("<div>");
if (node.hasProperty(JCR_TITLE))
- buf.append("<p>")
- .append(node.getProperty(JCR_TITLE).getString())
- .append("</p>");
+ buf.append("<p>").append(node.getProperty(JCR_TITLE).getString()).append("</p>");
if (node.hasProperty(JCR_DESCRIPTION))
- buf.append("<p>")
- .append(node.getProperty(JCR_DESCRIPTION).getString())
- .append("</p>");
+ buf.append("<p>").append(node.getProperty(JCR_DESCRIPTION).getString()).append("</p>");
NodeIterator children = node.getNodes();
while (children.hasNext()) {
writeCanonical(buf, children.nextNode());
}
buf.append("</div>");
}
+
+ // DATA
+ private StringBuilder getServerBaseUrl(HttpServletRequest request) {
+ try {
+ URL url = new URL(request.getRequestURL().toString());
+ StringBuilder buf = new StringBuilder();
+ buf.append(url.getProtocol()).append("://").append(url.getHost());
+ if (url.getPort() != -1)
+ buf.append(':').append(url.getPort());
+ return buf;
+ } catch (MalformedURLException e) {
+ throw new CmsException("Cannot extract server base URL from " + request.getRequestURL(), e);
+ }
+ }
+
+ private String getDataUrl(Node node, HttpServletRequest request) throws RepositoryException {
+ try {
+ StringBuilder buf = getServerBaseUrl(request);
+ buf.append(NodeUtils.getDataPath(NodeConstants.NODE, node));
+ return new URL(buf.toString()).toString();
+ } catch (MalformedURLException e) {
+ throw new CmsException("Cannot build data URL for " + node, e);
+ }
+ }
+
+ // public static String getDataPath(Node node) throws
+ // RepositoryException {
+ // assert node != null;
+ // String userId = node.getSession().getUserID();
+ //// if (log.isTraceEnabled())
+ //// log.trace(userId + " : " + node.getPath());
+ // StringBuilder buf = new StringBuilder();
+ // boolean isAnonymous =
+ // userId.equalsIgnoreCase(NodeConstants.ROLE_ANONYMOUS);
+ // if (isAnonymous)
+ // buf.append(WEBDAV_PUBLIC);
+ // else
+ // buf.append(WEBDAV_PRIVATE);
+ // Session session = node.getSession();
+ // Repository repository = session.getRepository();
+ // String cn;
+ // if (repository.isSingleValueDescriptor(NodeConstants.CN)) {
+ // cn = repository.getDescriptor(NodeConstants.CN);
+ // } else {
+ //// log.warn("No cn defined in repository, using " +
+ // NodeConstants.NODE);
+ // cn = NodeConstants.NODE;
+ // }
+ // return
+ // buf.append('/').append(cn).append('/').append(session.getWorkspace().getName()).append(node.getPath())
+ // .toString();
+ // }
+
+ private String getCanonicalUrl(Node node, HttpServletRequest request) throws RepositoryException {
+ try {
+ StringBuilder buf = getServerBaseUrl(request);
+ buf.append('/').append('!').append(node.getPath());
+ return new URL(buf.toString()).toString();
+ } catch (MalformedURLException e) {
+ throw new CmsException("Cannot build data URL for " + node, e);
+ }
+ // return request.getRequestURL().append('!').append(node.getPath())
+ // .toString();
+ }
+
}
class RobotServlet extends HttpServlet {
private static final long serialVersionUID = 7935661175336419089L;
@Override
- protected void service(HttpServletRequest request,
- HttpServletResponse response) throws ServletException,
- IOException {
+ protected void service(HttpServletRequest request, HttpServletResponse response)
+ throws ServletException, IOException {
PrintWriter writer = response.getWriter();
writer.append("User-agent: *\n");
writer.append("Disallow:\n");
class RootFilter extends HttpFilter {
@Override
- public void doFilter(HttpSession httpSession,
- HttpServletRequest request, HttpServletResponse response,
+ public void doFilter(HttpSession httpSession, HttpServletRequest request, HttpServletResponse response,
FilterChain filterChain) throws IOException, ServletException {
if (log.isTraceEnabled()) {
- log.trace(request.getRequestURL().append(
- request.getQueryString() != null ? "?"
- + request.getQueryString() : ""));
+ log.trace(request.getRequestURL()
+ .append(request.getQueryString() != null ? "?" + request.getQueryString() : ""));
logRequest(request);
}
}
// skip data
- if (servletPath.startsWith(PATH_DATA)) {
+ if (servletPath.startsWith(NodeConstants.PATH_DATA)) {
filterChain.doFilter(request, response);
return;
}
}
// redirect long RWT paths to anchor
- String path = request.getRequestURI().substring(
- servletPath.length());
+ String path = request.getRequestURI().substring(servletPath.length());
int pathLength = path.length();
- if (pathLength != 0 && (path.charAt(0) == '/')
- && !servletPath.endsWith("rwt-resources")
- && !path.startsWith(KernelConstants.PATH_WORKBENCH)
- && path.lastIndexOf('/') != 0) {
+ if (pathLength != 0 && (path.charAt(0) == '/') && !servletPath.endsWith("rwt-resources")
+ && !path.startsWith(KernelConstants.PATH_WORKBENCH) && path.lastIndexOf('/') != 0) {
String newLocation = request.getServletPath() + "#" + path;
response.setHeader("Location", newLocation);
response.setStatus(HttpServletResponse.SC_FOUND);
}
private X509Certificate extractCertificate(HttpServletRequest req) {
- X509Certificate[] certs = (X509Certificate[]) req
- .getAttribute("javax.servlet.request.X509Certificate");
+ X509Certificate[] certs = (X509Certificate[]) req.getAttribute("javax.servlet.request.X509Certificate");
if (null != certs && certs.length > 0) {
return certs[0];
}
projects / lgpl / argeo-commons.git / blobdiff