haraldwolff
/
collabora-online
mirror of https://github.com/CollaboraOnline/online.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

wsd: reuse the response in FileServer 

This allows for setting common headers
only once and have it on all file
types and scenarios.

Change-Id: Ia9d67ac5dbf59dd6e22beea0b4ae162ccb846b33
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
pull/8581/head
Ashod Nakashian 2024-03-18 06:03:17 -04:00 committed by Ashod Nakashian
parent a48917d052
commit 4387168d94
2 changed files with 14 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
wsd/FileServer.cpp
View File

@ -582,7 +582,7 @@ void FileServerRequestHandler::handleRequest(const HTTPRequest& request,
if (endPoint == "welcome.html") if (endPoint == "welcome.html")
{ {
preprocessWelcomeFile(request, requestDetails, message, socket); preprocessWelcomeFile(request, response, requestDetails, message, socket);
return; return;
} }
@ -593,7 +593,7 @@ void FileServerRequestHandler::handleRequest(const HTTPRequest& request,
endPoint == "uno-localizations.json" || endPoint == "uno-localizations.json" ||
endPoint == "uno-localizations-override.json") endPoint == "uno-localizations-override.json")
{ {
accessDetails = preprocessFile(request, requestDetails, message, socket); accessDetails = preprocessFile(request, response, requestDetails, message, socket);
return; return;
} }
@ -604,7 +604,7 @@ void FileServerRequestHandler::handleRequest(const HTTPRequest& request,
endPoint == "adminLog.html" || endPoint == "adminClusterOverview.html" || endPoint == "adminLog.html" || endPoint == "adminClusterOverview.html" ||
endPoint == "adminClusterOverviewAbout.html") endPoint == "adminClusterOverviewAbout.html")
{ {
preprocessAdminFile(request, requestDetails, socket); preprocessAdminFile(request, response, requestDetails, socket);
return; return;
} }
@ -1136,8 +1136,9 @@ private:
}; };
FileServerRequestHandler::ResourceAccessDetails FileServerRequestHandler::preprocessFile( FileServerRequestHandler::ResourceAccessDetails FileServerRequestHandler::preprocessFile(
const HTTPRequest& request, const RequestDetails& requestDetails, const HTTPRequest& request, http::Response& /*httpResponse*/,
Poco::MemoryInputStream& message, const std::shared_ptr<StreamSocket>& socket) const RequestDetails& requestDetails, Poco::MemoryInputStream& message,
const std::shared_ptr<StreamSocket>& socket)
{ {
const ServerURL cnxDetails(requestDetails); const ServerURL cnxDetails(requestDetails);
@ -1511,8 +1512,8 @@ FileServerRequestHandler::ResourceAccessDetails FileServerRequestHandler::prepro
return ResourceAccessDetails(wopiSrc, urv[ACCESS_TOKEN], urv[PERMISSION]); return ResourceAccessDetails(wopiSrc, urv[ACCESS_TOKEN], urv[PERMISSION]);
} }
void FileServerRequestHandler::preprocessWelcomeFile(const HTTPRequest& request, void FileServerRequestHandler::preprocessWelcomeFile(const HTTPRequest& request,
http::Response& httpResponse,
const RequestDetails& requestDetails, const RequestDetails& requestDetails,
Poco::MemoryInputStream& message, Poco::MemoryInputStream& message,
const std::shared_ptr<StreamSocket>& socket) const std::shared_ptr<StreamSocket>& socket)
@ -1526,8 +1527,6 @@ void FileServerRequestHandler::preprocessWelcomeFile(const HTTPRequest& request,
uiTheme = (uiTheme == "dark") ? "dark" : "light"; uiTheme = (uiTheme == "dark") ? "dark" : "light";
Poco::replaceInPlace(templateWelcome, std::string("%UI_THEME%"), uiTheme); Poco::replaceInPlace(templateWelcome, std::string("%UI_THEME%"), uiTheme);
http::Response httpResponse(http::StatusCode::OK);
// Ask UAs to block if they detect any XSS attempt // Ask UAs to block if they detect any XSS attempt
httpResponse.add("X-XSS-Protection", "1; mode=block"); httpResponse.add("X-XSS-Protection", "1; mode=block");
// No referrer-policy // No referrer-policy
@ -1541,13 +1540,13 @@ void FileServerRequestHandler::preprocessWelcomeFile(const HTTPRequest& request,
} }
void FileServerRequestHandler::preprocessAdminFile(const HTTPRequest& request, void FileServerRequestHandler::preprocessAdminFile(const HTTPRequest& request,
const RequestDetails &requestDetails, http::Response& response,
const RequestDetails& requestDetails,
const std::shared_ptr<StreamSocket>& socket) const std::shared_ptr<StreamSocket>& socket)
{ {
if (!COOLWSD::AdminEnabled) if (!COOLWSD::AdminEnabled)
throw Poco::FileAccessDeniedException("Admin console disabled"); throw Poco::FileAccessDeniedException("Admin console disabled");
http::Response response(http::StatusCode::OK);
std::string jwtToken; std::string jwtToken;
if (!isAdminLoggedIn(request, jwtToken)) if (!isAdminLoggedIn(request, jwtToken))
{ {

7
wsd/FileServer.hpp
View File

@ -114,15 +114,18 @@ private:
const RequestDetails& requestDetails); const RequestDetails& requestDetails);
static ResourceAccessDetails preprocessFile(const Poco::Net::HTTPRequest& request, static ResourceAccessDetails preprocessFile(const Poco::Net::HTTPRequest& request,
http::Response& httpResponse,
const RequestDetails& requestDetails, const RequestDetails& requestDetails,
Poco::MemoryInputStream& message, Poco::MemoryInputStream& message,
const std::shared_ptr<StreamSocket>& socket); const std::shared_ptr<StreamSocket>& socket);
static void preprocessWelcomeFile(const Poco::Net::HTTPRequest& request, static void preprocessWelcomeFile(const Poco::Net::HTTPRequest& request,
const RequestDetails &requestDetails, http::Response& httpResponse,
const RequestDetails& requestDetails,
Poco::MemoryInputStream& message, Poco::MemoryInputStream& message,
const std::shared_ptr<StreamSocket>& socket); const std::shared_ptr<StreamSocket>& socket);
static void preprocessAdminFile(const Poco::Net::HTTPRequest& request, static void preprocessAdminFile(const Poco::Net::HTTPRequest& request,
const RequestDetails &requestDetails, http::Response& httpResponse,
const RequestDetails& requestDetails,
const std::shared_ptr<StreamSocket>& socket); const std::shared_ptr<StreamSocket>& socket);
/// Construct a JSON to be accepted by the cool.html from a list like /// Construct a JSON to be accepted by the cool.html from a list like