From 8b32cf9f09386fdeb910749c6656cd74b2b2741e Mon Sep 17 00:00:00 2001 From: Harshan Liyanage Date: Tue, 16 May 2017 15:28:31 +0530 Subject: [PATCH] Added Security filter configs. --- .../application/mgt/api/ApiOriginFilter.java | 43 +++++++++++++++++++ .../src/main/webapp/WEB-INF/web.xml | 10 +++++ 2 files changed, 53 insertions(+) create mode 100644 components/application-mgt/org.wso2.carbon.device.application.mgt.api/src/main/java/org/wso2/carbon/device/application/mgt/api/ApiOriginFilter.java diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.api/src/main/java/org/wso2/carbon/device/application/mgt/api/ApiOriginFilter.java b/components/application-mgt/org.wso2.carbon.device.application.mgt.api/src/main/java/org/wso2/carbon/device/application/mgt/api/ApiOriginFilter.java new file mode 100644 index 0000000000..275d9e5ec4 --- /dev/null +++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.api/src/main/java/org/wso2/carbon/device/application/mgt/api/ApiOriginFilter.java @@ -0,0 +1,43 @@ +/* + * Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. + * + * WSO2 Inc. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.wso2.carbon.device.application.mgt.api; + +import javax.servlet.*; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; + +public class ApiOriginFilter implements Filter { + + public void doFilter(ServletRequest request, ServletResponse response, + FilterChain chain) throws IOException, ServletException { + HttpServletResponse res = (HttpServletResponse) response; + res.addHeader("Access-Control-Allow-Origin", "*"); + res.addHeader("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT"); + res.addHeader("Access-Control-Allow-Headers", "Content-Type"); + chain.doFilter(request, response); + } + + public void destroy() { + //do nothing + } + + public void init(FilterConfig filterConfig) throws ServletException { + //do nothing + } + +} diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.api/src/main/webapp/WEB-INF/web.xml b/components/application-mgt/org.wso2.carbon.device.application.mgt.api/src/main/webapp/WEB-INF/web.xml index 9bd5dfac58..ef52110172 100644 --- a/components/application-mgt/org.wso2.carbon.device.application.mgt.api/src/main/webapp/WEB-INF/web.xml +++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.api/src/main/webapp/WEB-INF/web.xml @@ -52,6 +52,11 @@ true + + ApiOriginFilter + org.wso2.carbon.device.application.mgt.api.ApiOriginFilter + + HttpHeaderSecurityFilter org.apache.catalina.filters.HttpHeaderSecurityFilter @@ -87,4 +92,9 @@ ContentTypeBasedCachePreventionFilter /* + + + ApiOriginFilter + /* + \ No newline at end of file