You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@shindig.apache.org by jo...@apache.org on 2009/08/05 02:15:09 UTC
svn commit: r801038 - in /incubator/shindig/trunk/java/gadgets/src:
main/java/org/apache/shindig/gadgets/servlet/
test/java/org/apache/shindig/gadgets/servlet/
Author: johnh
Date: Wed Aug 5 00:15:09 2009
New Revision: 801038
URL: http://svn.apache.org/viewvc?rev=801038&view=rev
Log:
Restores Content-Disposition to makeRequest handler.
Modified:
incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ProxyBase.java
incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ProxyHandler.java
incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/ProxyBaseTest.java
incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/ProxyHandlerTest.java
Modified: incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ProxyBase.java
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ProxyBase.java?rev=801038&r1=801037&r2=801038&view=diff
==============================================================================
--- incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ProxyBase.java (original)
+++ incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ProxyBase.java Wed Aug 5 00:15:09 2009
@@ -131,6 +131,13 @@
refreshInterval = Math.max(60 * 60, (int)(results.getCacheTtl() / 1000L));
}
HttpUtil.setCachingHeaders(response, refreshInterval);
+
+ // We're skipping the content disposition header for flash due to an issue with Flash player 10
+ // This does make some sites a higher value phishing target, but this can be mitigated by
+ // additional referer checks.
+ if (!"application/x-shockwave-flash".equalsIgnoreCase(results.getHeader("Content-Type"))) {
+ response.setHeader("Content-Disposition", "attachment;filename=p.txt");
+ }
}
/**
Modified: incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ProxyHandler.java
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ProxyHandler.java?rev=801038&r1=801037&r2=801038&view=diff
==============================================================================
--- incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ProxyHandler.java (original)
+++ incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ProxyHandler.java Wed Aug 5 00:15:09 2009
@@ -144,8 +144,6 @@
}
}
- setResponseHeaders(request, response, results);
-
for (Map.Entry<String, String> entry : results.getHeaders().entries()) {
String name = entry.getKey();
if (!DISALLOWED_RESPONSE_HEADERS.contains(name.toLowerCase())) {
@@ -170,12 +168,7 @@
}
}
- // We're skipping the content disposition header for flash due to an issue with Flash player 10
- // This does make some sites a higher value phishing target, but this can be mitigated by
- // additional referer checks.
- if (!"application/x-shockwave-flash".equalsIgnoreCase(responseType)) {
- response.setHeader("Content-Disposition", "attachment;filename=p.txt");
- }
+ setResponseHeaders(request, response, results);
if (results.getHttpStatusCode() != HttpResponse.SC_OK) {
response.sendError(results.getHttpStatusCode());
Modified: incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/ProxyBaseTest.java
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/ProxyBaseTest.java?rev=801038&r1=801037&r2=801038&view=diff
==============================================================================
--- incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/ProxyBaseTest.java (original)
+++ incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/ProxyBaseTest.java Wed Aug 5 00:15:09 2009
@@ -146,6 +146,7 @@
// Just verify that they were set. Specific values are configurable.
assertNotNull("Expires header not set", recorder.getHeader("Expires"));
assertNotNull("Cache-Control header not set", recorder.getHeader("Cache-Control"));
+ assertEquals("attachment;filename=p.txt", recorder.getHeader("Content-Disposition"));
}
public void testSetResponseHeadersForFlash() throws Exception {
@@ -160,6 +161,7 @@
// Just verify that they were set. Specific values are configurable.
assertNotNull("Expires header not set", recorder.getHeader("Expires"));
assertNotNull("Cache-Control header not set", recorder.getHeader("Cache-Control"));
+ assertNull(recorder.getHeader("Content-Disposition"));
}
public void testSetResponseHeadersNoCache() throws Exception {
@@ -176,6 +178,7 @@
assertNotNull("Expires header not set", recorder.getHeader("Expires"));
assertEquals("no-cache", recorder.getHeader("Pragma"));
assertEquals("no-cache", recorder.getHeader("Cache-Control"));
+ assertEquals("attachment;filename=p.txt", recorder.getHeader("Content-Disposition"));
}
public void testSetResponseHeadersForceParam() throws Exception {
@@ -186,6 +189,7 @@
proxy.setResponseHeaders(request, recorder, results);
HttpUtilTest.checkCacheControlHeaders(HttpUtilTest.testStartTime, recorder, 30, false);
+ assertEquals("attachment;filename=p.txt", recorder.getHeader("Content-Disposition"));
}
public void testSetResponseHeadersForceParamInvalid() throws Exception {
Modified: incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/ProxyHandlerTest.java
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/ProxyHandlerTest.java?rev=801038&r1=801037&r2=801038&view=diff
==============================================================================
--- incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/ProxyHandlerTest.java (original)
+++ incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/ProxyHandlerTest.java Wed Aug 5 00:15:09 2009
@@ -87,7 +87,6 @@
verify();
assertEquals(DATA_ONE, recorder.getResponseAsString());
- assertEquals("attachment;filename=p.txt", recorder.getHeader("Content-Disposition"));
assertTrue(rewriter.responseWasRewritten());
}
@@ -109,7 +108,6 @@
assertEquals(Uri.parse(URL_ONE), httpRequest.getValue().getUri());
assertEquals(DATA_ONE, recorder.getResponseAsString());
- assertEquals("attachment;filename=p.txt", recorder.getHeader("Content-Disposition"));
assertTrue(rewriter.responseWasRewritten());
}
@@ -145,26 +143,6 @@
assertEquals(contentType, recorder.getHeader("Content-Type"));
assertEquals(magicGarbage, recorder.getHeader("X-Magic-Garbage"));
- assertEquals("attachment;filename=p.txt", recorder.getHeader("Content-Disposition"));
- assertTrue(rewriter.responseWasRewritten());
- }
-
- public void testFlashGetsNoContentDisposition() throws Exception {
- String url = "http://example.org/swiff.swf";
- String domain = "example.org";
- String contentType = "application/x-shockwave-flash";
- Map<String, List<String>> headers = Maps.newHashMap();
- headers.put("Content-Type", Arrays.asList(contentType));
-
- expect(lockedDomainService.isSafeForOpenProxy(domain)).andReturn(true).atLeastOnce();
- setupProxyRequestMock(domain, url);
- expectGetAndReturnHeaders(url, headers);
-
- replay();
-
- proxyHandler.fetch(request, recorder);
- assertEquals(contentType, recorder.getHeader("Content-Type"));
- assertNull("Content-disposition set for flash", recorder.getHeader("Content-Disposition"));
assertTrue(rewriter.responseWasRewritten());
}