You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by gh...@apache.org on 2017/06/08 21:42:20 UTC
svn commit: r1798130 -
/sling/trunk/bundles/extensions/healthcheck/core/src/main/java/org/apache/sling/hc/core/impl/servlet/HealthCheckExecutorServlet.java
Author: ghenzler
Date: Thu Jun 8 21:42:20 2017
New Revision: 1798130
URL: http://svn.apache.org/viewvc?rev=1798130&view=rev
Log:
SLING-6946 Send CORS header Access-Control-Allow-Origin
Modified:
sling/trunk/bundles/extensions/healthcheck/core/src/main/java/org/apache/sling/hc/core/impl/servlet/HealthCheckExecutorServlet.java
Modified: sling/trunk/bundles/extensions/healthcheck/core/src/main/java/org/apache/sling/hc/core/impl/servlet/HealthCheckExecutorServlet.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/extensions/healthcheck/core/src/main/java/org/apache/sling/hc/core/impl/servlet/HealthCheckExecutorServlet.java?rev=1798130&r1=1798129&r2=1798130&view=diff
==============================================================================
--- sling/trunk/bundles/extensions/healthcheck/core/src/main/java/org/apache/sling/hc/core/impl/servlet/HealthCheckExecutorServlet.java (original)
+++ sling/trunk/bundles/extensions/healthcheck/core/src/main/java/org/apache/sling/hc/core/impl/servlet/HealthCheckExecutorServlet.java Thu Jun 8 21:42:20 2017
@@ -139,6 +139,12 @@ public class HealthCheckExecutorServlet
description = "Allows to disable the servlet if required for security reasons", boolValue = false)
private boolean disabled;
+ private static final String CORS_ORIGIN_HEADER_NAME = "Access-Control-Allow-Origin";
+ public static final String CORS_ORIGIN_HEADER_DEFAULT_VALUE = "*";
+ public static final String PROPERTY_CORS_ORIGIN_HEADER_VALUE = "cors.accessControlAllowOrigin";
+ @Property(name = PROPERTY_CORS_ORIGIN_HEADER_VALUE, label = "CORS Access-Control-Allow-Origin", description = "Sets the Access-Control-Allow-Origin CORS header. If blank no header is sent.", value = CORS_ORIGIN_HEADER_DEFAULT_VALUE)
+ private String corsAccessControlAllowOrigin;
+
@Reference
private HttpService httpService;
@@ -162,6 +168,7 @@ public class HealthCheckExecutorServlet
final Dictionary<?, ?> properties = context.getProperties();
this.servletPath = PropertiesUtil.toString(properties.get(PROPERTY_SERVLET_PATH), SERVLET_PATH_DEFAULT);
this.disabled = PropertiesUtil.toBoolean(properties.get(PROPERTY_DISABLED), false);
+ this.corsAccessControlAllowOrigin = PropertiesUtil.toString(properties.get(PROPERTY_CORS_ORIGIN_HEADER_VALUE), CORS_ORIGIN_HEADER_DEFAULT_VALUE);
Map<String, HttpServlet> servletsToRegister = new LinkedHashMap<String, HttpServlet>();
servletsToRegister.put(this.servletPath, this);
@@ -260,6 +267,7 @@ public class HealthCheckExecutorServlet
Result overallResult = new Result(mostSevereStatus, "Overall status " + mostSevereStatus);
sendNoCacheHeaders(response);
+ sendCorsHeaders(response);
if (statusMapping != null) {
Integer httpStatus = statusMapping.get(overallResult.getStatus());
@@ -341,6 +349,12 @@ public class HealthCheckExecutorServlet
response.setHeader(CACHE_CONTROL_KEY, CACHE_CONTROL_VALUE);
}
+ private void sendCorsHeaders(final HttpServletResponse response) {
+ if (StringUtils.isNotBlank(corsAccessControlAllowOrigin)) {
+ response.setHeader(CORS_ORIGIN_HEADER_NAME, corsAccessControlAllowOrigin);
+ }
+ }
+
private String getHtmlHelpText() {
final StringBuilder sb = new StringBuilder();
sb.append("<h3>Supported URL parameters</h3>\n");