SLING-5092 - Missing Content type for system/console/slinglog/tailer.txt
git-svn-id: https://svn.apache.org/repos/asf/sling/trunk@1723004 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/src/main/java/org/apache/sling/commons/log/logback/internal/SlingLogPanel.java b/src/main/java/org/apache/sling/commons/log/logback/internal/SlingLogPanel.java
index ac67b3f..9f637fb 100644
--- a/src/main/java/org/apache/sling/commons/log/logback/internal/SlingLogPanel.java
+++ b/src/main/java/org/apache/sling/commons/log/logback/internal/SlingLogPanel.java
@@ -134,6 +134,7 @@
if (req.getPathInfo() != null) {
if (req.getPathInfo().endsWith(PATH_TAILER)){
String appenderName = req.getParameter(PARAM_APPENDER_NAME);
+ addNoSniffHeader(resp);
if (appenderName == null){
pw.printf("Provide appender name via [%s] request parameter%n", PARAM_APPENDER_NAME);
return;
@@ -857,6 +858,9 @@
return (path != null) ? path : "[stdout]";
}
+ private static void addNoSniffHeader(HttpServletResponse resp) {
+ resp.setHeader("X-Content-Type-Options", "nosniff");
+ }
// ~------------------------------------------------Status Manager
// Based on ch.qos.logback.core.status.ViewStatusMessagesServletBase
diff --git a/src/test/java/org/apache/sling/commons/log/logback/integration/ITWebConsoleRemote.java b/src/test/java/org/apache/sling/commons/log/logback/integration/ITWebConsoleRemote.java
index 25e76b5..b64be25 100644
--- a/src/test/java/org/apache/sling/commons/log/logback/integration/ITWebConsoleRemote.java
+++ b/src/test/java/org/apache/sling/commons/log/logback/integration/ITWebConsoleRemote.java
@@ -23,6 +23,7 @@
import java.io.IOException;
import com.gargoylesoftware.htmlunit.DefaultCredentialsProvider;
+import com.gargoylesoftware.htmlunit.Page;
import com.gargoylesoftware.htmlunit.WebClient;
import com.gargoylesoftware.htmlunit.html.HtmlPage;
import org.apache.commons.io.FilenameUtils;
@@ -38,6 +39,7 @@
import org.ops4j.pax.tinybundles.core.TinyBundle;
import org.osgi.framework.Constants;
+import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
import static org.ops4j.pax.exam.CoreOptions.composite;
import static org.ops4j.pax.exam.CoreOptions.frameworkProperty;
@@ -134,6 +136,13 @@
assertTrue(text.contains("testremote.log"));
}
+ @Test
+ public void tailerHeader() throws Exception{
+ Page page = webClient.getPage(prepareUrl("slinglog/tailer.txt?name=webconsoletest1.log"));
+ String nosniffHeader = page.getWebResponse().getResponseHeaderValue("X-Content-Type-Options");
+ assertEquals("nosniff", nosniffHeader);
+ }
+
@AfterClass
public static void tearDownClass() {
if (testContainer != null) {