zervo/seb-server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

SEBSERV-342 added cors headers (with no effect so far)

Browse source
This commit is contained in:
anhefti 2022-09-01 08:44:26 +02:00
parent cfec81b2f7
commit 64fa613fda
2 changed files with 17 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
src/main/java/ch/ethz/seb/sebserver/gui/ProctoringServlet.java
View file

@ -78,9 +78,17 @@ public class ProctoringServlet extends HttpServlet {
log.error("Failed to get proctoring window script for data: {}", proctoringData); log.error("Failed to get proctoring window script for data: {}", proctoringData);
resp.getOutputStream().println("Failed to get proctoring window script"); resp.getOutputStream().println("Failed to get proctoring window script");
} else { } else {
RAPConfiguration.setCORS(resp);
resp.getOutputStream().println(script); resp.getOutputStream().println(script);
} }
}
@Override
protected void doOptions(final HttpServletRequest req, final HttpServletResponse resp)
throws ServletException, IOException {
RAPConfiguration.setCORS(resp);
resp.setStatus(HttpServletResponse.SC_OK);
} }
private boolean isAuthenticated( private boolean isAuthenticated(

9
src/main/java/ch/ethz/seb/sebserver/gui/RAPConfiguration.java
View file

@ -121,9 +121,12 @@ public class RAPConfiguration implements ApplicationConfiguration {
final WebApplicationContext webApplicationContext = getWebApplicationContext(httpSession); final WebApplicationContext webApplicationContext = getWebApplicationContext(httpSession);
final boolean authenticated = isAuthenticated(httpSession, webApplicationContext); final boolean authenticated = isAuthenticated(httpSession, webApplicationContext);
if (authenticated) { if (authenticated) {
final EntryPointService entryPointService = webApplicationContext final EntryPointService entryPointService = webApplicationContext
.getBean(EntryPointService.class); .getBean(EntryPointService.class);
entryPointService.loadProctoringView(parent); entryPointService.loadProctoringView(parent);
final HttpServletResponse response = RWT.getResponse();
setCORS(response);
} else { } else {
final HttpServletResponse response = RWT.getResponse(); final HttpServletResponse response = RWT.getResponse();
response.setStatus(HttpStatus.FORBIDDEN.value()); response.setStatus(HttpStatus.FORBIDDEN.value());
@ -133,6 +136,12 @@ public class RAPConfiguration implements ApplicationConfiguration {
} }
} }
public static final void setCORS(final HttpServletResponse resp) {
resp.addHeader("Access-Control-Allow-Origin", "*");
resp.setHeader("Access-Control-Allow-Methods", "GET");
resp.setHeader("Vary", "Origin");
}
public static final class RAPSpringEntryPointFactory implements EntryPointFactory { public static final class RAPSpringEntryPointFactory implements EntryPointFactory {
private boolean initialized = false; private boolean initialized = false;