| /* |
| * Licensed to the Apache Software Foundation (ASF) under one or more |
| * contributor license agreements. See the NOTICE file distributed with |
| * this work for additional information regarding copyright ownership. |
| * The ASF licenses this file to You under the Apache License, Version 2.0 |
| * (the "License"); you may not use this file except in compliance with |
| * the License. You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| package org.apache.catalina.filters; |
| |
| import java.util.Enumeration; |
| |
| import javax.servlet.FilterConfig; |
| import javax.servlet.ServletContext; |
| |
| import org.apache.tomcat.unittest.TesterServletContext; |
| |
| public class TesterFilterConfigs { |
| public static final String HTTPS_WWW_APACHE_ORG = "https://www.apache.org"; |
| public static final String HTTP_TOMCAT_APACHE_ORG = |
| "http://tomcat.apache.org"; |
| public static final String EXPOSED_HEADERS = "X-CUSTOM-HEADER"; |
| /** |
| * Any origin |
| */ |
| public static final String ANY_ORIGIN = "*"; |
| |
| public static final TesterServletContext mockServletContext = |
| new TesterServletContext(); |
| |
| public static FilterConfig getDefaultFilterConfig() { |
| final String allowedHttpHeaders = |
| CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS; |
| final String allowedHttpMethods = |
| CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS; |
| final String allowedOrigins = CorsFilter.DEFAULT_ALLOWED_ORIGINS; |
| final String exposedHeaders = CorsFilter.DEFAULT_EXPOSED_HEADERS; |
| final String supportCredentials = |
| CorsFilter.DEFAULT_SUPPORTS_CREDENTIALS; |
| final String preflightMaxAge = |
| CorsFilter.DEFAULT_PREFLIGHT_MAXAGE; |
| final String decorateRequest = CorsFilter.DEFAULT_DECORATE_REQUEST; |
| |
| return generateFilterConfig(allowedHttpHeaders, allowedHttpMethods, |
| allowedOrigins, exposedHeaders, supportCredentials, |
| preflightMaxAge, decorateRequest); |
| } |
| |
| public static FilterConfig getFilterConfigAnyOriginAndSupportsCredentials() { |
| final String allowedHttpHeaders = |
| CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS; |
| final String allowedHttpMethods = |
| CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS + ",PUT"; |
| final String allowedOrigins = CorsFilter.DEFAULT_ALLOWED_ORIGINS; |
| final String exposedHeaders = CorsFilter.DEFAULT_EXPOSED_HEADERS; |
| final String supportCredentials = "true"; |
| final String preflightMaxAge = |
| CorsFilter.DEFAULT_PREFLIGHT_MAXAGE; |
| final String decorateRequest = CorsFilter.DEFAULT_DECORATE_REQUEST; |
| |
| return generateFilterConfig(allowedHttpHeaders, allowedHttpMethods, |
| allowedOrigins, exposedHeaders, supportCredentials, |
| preflightMaxAge, decorateRequest); |
| } |
| |
| public static FilterConfig |
| getFilterConfigAnyOriginAndSupportsCredentialsDisabled() { |
| final String allowedHttpHeaders = |
| CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS; |
| final String allowedHttpMethods = |
| CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS + ",PUT"; |
| final String allowedOrigins = CorsFilter.DEFAULT_ALLOWED_ORIGINS; |
| final String exposedHeaders = CorsFilter.DEFAULT_EXPOSED_HEADERS; |
| final String supportCredentials = "false"; |
| final String preflightMaxAge = |
| CorsFilter.DEFAULT_PREFLIGHT_MAXAGE; |
| final String decorateRequest = CorsFilter.DEFAULT_DECORATE_REQUEST; |
| |
| return generateFilterConfig(allowedHttpHeaders, allowedHttpMethods, |
| allowedOrigins, exposedHeaders, supportCredentials, |
| preflightMaxAge, decorateRequest); |
| } |
| |
| public static FilterConfig |
| getFilterConfigSpecificOriginAndSupportsCredentialsDisabled() { |
| final String allowedHttpHeaders = |
| CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS; |
| final String allowedHttpMethods = |
| CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS + ",PUT"; |
| final String allowedOrigins = |
| HTTP_TOMCAT_APACHE_ORG + "," + HTTPS_WWW_APACHE_ORG; |
| final String exposedHeaders = CorsFilter.DEFAULT_EXPOSED_HEADERS; |
| final String supportCredentials = "false"; |
| final String preflightMaxAge = |
| CorsFilter.DEFAULT_PREFLIGHT_MAXAGE; |
| final String decorateRequest = CorsFilter.DEFAULT_DECORATE_REQUEST; |
| |
| return generateFilterConfig(allowedHttpHeaders, allowedHttpMethods, |
| allowedOrigins, exposedHeaders, supportCredentials, |
| preflightMaxAge, decorateRequest); |
| } |
| |
| public static FilterConfig getFilterConfigSpecificOriginNullAllowed() { |
| final String allowedHttpHeaders = |
| CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS; |
| final String allowedHttpMethods = |
| CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS; |
| final String allowedOrigins = HTTP_TOMCAT_APACHE_ORG + ",null"; |
| final String exposedHeaders = CorsFilter.DEFAULT_EXPOSED_HEADERS; |
| final String supportCredentials = |
| CorsFilter.DEFAULT_SUPPORTS_CREDENTIALS; |
| final String preflightMaxAge = |
| CorsFilter.DEFAULT_PREFLIGHT_MAXAGE; |
| final String decorateRequest = CorsFilter.DEFAULT_DECORATE_REQUEST; |
| |
| return generateFilterConfig(allowedHttpHeaders, allowedHttpMethods, |
| allowedOrigins, exposedHeaders, supportCredentials, |
| preflightMaxAge, decorateRequest); |
| } |
| |
| public static FilterConfig getFilterConfigWithExposedHeaders() { |
| final String allowedHttpHeaders = |
| CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS; |
| final String allowedHttpMethods = |
| CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS; |
| final String allowedOrigins = CorsFilter.DEFAULT_ALLOWED_ORIGINS; |
| final String exposedHeaders = EXPOSED_HEADERS; |
| final String supportCredentials = |
| CorsFilter.DEFAULT_SUPPORTS_CREDENTIALS; |
| final String preflightMaxAge = |
| CorsFilter.DEFAULT_PREFLIGHT_MAXAGE; |
| final String decorateRequest = CorsFilter.DEFAULT_DECORATE_REQUEST; |
| |
| return generateFilterConfig(allowedHttpHeaders, allowedHttpMethods, |
| allowedOrigins, exposedHeaders, supportCredentials, |
| preflightMaxAge, decorateRequest); |
| } |
| |
| public static FilterConfig getSecureFilterConfig() { |
| final String allowedHttpHeaders = |
| CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS; |
| final String allowedHttpMethods = |
| CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS + ",PUT"; |
| final String allowedOrigins = HTTPS_WWW_APACHE_ORG; |
| final String exposedHeaders = CorsFilter.DEFAULT_EXPOSED_HEADERS; |
| final String supportCredentials = "true"; |
| final String preflightMaxAge = |
| CorsFilter.DEFAULT_PREFLIGHT_MAXAGE; |
| final String decorateRequest = CorsFilter.DEFAULT_DECORATE_REQUEST; |
| |
| return generateFilterConfig(allowedHttpHeaders, allowedHttpMethods, |
| allowedOrigins, exposedHeaders, supportCredentials, |
| preflightMaxAge, decorateRequest); |
| } |
| |
| public static FilterConfig getNullFilterConfig() { |
| return generateFilterConfig(null, null, null, null, null, null, null); |
| } |
| |
| public static FilterConfig getSpecificOriginFilterConfig() { |
| final String allowedOrigins = |
| HTTPS_WWW_APACHE_ORG + "," + HTTP_TOMCAT_APACHE_ORG; |
| |
| final String allowedHttpHeaders = |
| CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS; |
| final String allowedHttpMethods = |
| CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS + ",PUT"; |
| final String exposedHeaders = CorsFilter.DEFAULT_EXPOSED_HEADERS; |
| final String supportCredentials = |
| CorsFilter.DEFAULT_SUPPORTS_CREDENTIALS; |
| final String preflightMaxAge = |
| CorsFilter.DEFAULT_PREFLIGHT_MAXAGE; |
| final String decorateRequest = CorsFilter.DEFAULT_DECORATE_REQUEST; |
| |
| return generateFilterConfig(allowedHttpHeaders, allowedHttpMethods, |
| allowedOrigins, exposedHeaders, supportCredentials, |
| preflightMaxAge, decorateRequest); |
| } |
| |
| public static FilterConfig getSpecificOriginFilterConfigNegativeMaxAge() { |
| final String allowedOrigins = |
| HTTPS_WWW_APACHE_ORG + "," + HTTP_TOMCAT_APACHE_ORG; |
| |
| final String allowedHttpHeaders = |
| CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS; |
| final String allowedHttpMethods = |
| CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS + ",PUT"; |
| final String exposedHeaders = CorsFilter.DEFAULT_EXPOSED_HEADERS; |
| final String supportCredentials = |
| CorsFilter.DEFAULT_SUPPORTS_CREDENTIALS; |
| final String preflightMaxAge = "-1"; |
| final String decorateRequest = CorsFilter.DEFAULT_DECORATE_REQUEST; |
| |
| return generateFilterConfig(allowedHttpHeaders, allowedHttpMethods, |
| allowedOrigins, exposedHeaders, supportCredentials, |
| preflightMaxAge, decorateRequest); |
| } |
| |
| public static FilterConfig getFilterConfigInvalidMaxPreflightAge() { |
| final String allowedHttpHeaders = |
| CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS; |
| final String allowedHttpMethods = |
| CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS; |
| final String allowedOrigins = CorsFilter.DEFAULT_ALLOWED_ORIGINS; |
| final String exposedHeaders = CorsFilter.DEFAULT_EXPOSED_HEADERS; |
| final String supportCredentials = |
| CorsFilter.DEFAULT_SUPPORTS_CREDENTIALS; |
| final String preflightMaxAge = "abc"; |
| final String decorateRequest = CorsFilter.DEFAULT_DECORATE_REQUEST; |
| |
| return generateFilterConfig(allowedHttpHeaders, allowedHttpMethods, |
| allowedOrigins, exposedHeaders, supportCredentials, |
| preflightMaxAge, decorateRequest); |
| } |
| |
| public static FilterConfig getEmptyFilterConfig() { |
| final String allowedHttpHeaders = ""; |
| final String allowedHttpMethods = ""; |
| final String allowedOrigins = ""; |
| final String exposedHeaders = ""; |
| final String supportCredentials = ""; |
| final String preflightMaxAge = ""; |
| final String decorateRequest = ""; |
| |
| return generateFilterConfig(allowedHttpHeaders, allowedHttpMethods, |
| allowedOrigins, exposedHeaders, supportCredentials, |
| preflightMaxAge, decorateRequest); |
| } |
| |
| public static FilterConfig getFilterConfigDecorateRequestDisabled() { |
| final String allowedHttpHeaders = |
| CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS; |
| final String allowedHttpMethods = |
| CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS; |
| final String allowedOrigins = CorsFilter.DEFAULT_ALLOWED_ORIGINS; |
| final String exposedHeaders = CorsFilter.DEFAULT_EXPOSED_HEADERS; |
| final String supportCredentials = |
| CorsFilter.DEFAULT_SUPPORTS_CREDENTIALS; |
| final String preflightMaxAge = |
| CorsFilter.DEFAULT_PREFLIGHT_MAXAGE; |
| final String decorateRequest = "false"; |
| |
| return generateFilterConfig(allowedHttpHeaders, allowedHttpMethods, |
| allowedOrigins, exposedHeaders, supportCredentials, |
| preflightMaxAge, decorateRequest); |
| } |
| |
| private static FilterConfig generateFilterConfig( |
| final String allowedHttpHeaders, final String allowedHttpMethods, |
| final String allowedOrigins, final String exposedHeaders, |
| final String supportCredentials, final String preflightMaxAge, |
| final String decorateRequest) { |
| FilterConfig filterConfig = new FilterConfig() { |
| |
| @Override |
| public String getFilterName() { |
| return "cors-filter"; |
| } |
| |
| @Override |
| public ServletContext getServletContext() { |
| return mockServletContext; |
| } |
| |
| @Override |
| public String getInitParameter(String name) { |
| if (CorsFilter.PARAM_CORS_ALLOWED_HEADERS |
| .equalsIgnoreCase(name)) { |
| return allowedHttpHeaders; |
| } else if (CorsFilter.PARAM_CORS_ALLOWED_METHODS |
| .equalsIgnoreCase(name)) { |
| return allowedHttpMethods; |
| } else if (CorsFilter.PARAM_CORS_ALLOWED_ORIGINS |
| .equalsIgnoreCase(name)) { |
| return allowedOrigins; |
| } else if (CorsFilter.PARAM_CORS_EXPOSED_HEADERS |
| .equalsIgnoreCase(name)) { |
| return exposedHeaders; |
| } else if (CorsFilter.PARAM_CORS_SUPPORT_CREDENTIALS |
| .equalsIgnoreCase(name)) { |
| return supportCredentials; |
| } else if (CorsFilter.PARAM_CORS_PREFLIGHT_MAXAGE |
| .equalsIgnoreCase(name)) { |
| return preflightMaxAge; |
| } else if (CorsFilter.PARAM_CORS_REQUEST_DECORATE |
| .equalsIgnoreCase(name)) { |
| return decorateRequest; |
| } |
| return null; |
| } |
| |
| @Override |
| public Enumeration<String> getInitParameterNames() { |
| return null; |
| } |
| }; |
| |
| return filterConfig; |
| } |
| } |