List of usage examples for javax.servlet.http HttpServletResponse setDateHeader
public void setDateHeader(String name, long date);
From source file:ru.org.linux.group.GroupController.java
private ModelAndView forum(@PathVariable("group") String groupName, @RequestParam(defaultValue = "0", value = "offset") int offset, @RequestParam(defaultValue = "false") boolean lastmod, HttpServletRequest request, HttpServletResponse response, Integer year, Integer month) throws Exception { Map<String, Object> params = new HashMap<>(); Template tmpl = Template.getTemplate(request); boolean showDeleted = request.getParameter("deleted") != null; params.put("showDeleted", showDeleted); Section section = sectionService.getSection(Section.SECTION_FORUM); params.put("groupList", groupDao.getGroups(section)); Group group = groupDao.getGroup(section, groupName); if (showDeleted && !"POST".equals(request.getMethod())) { return new ModelAndView(new RedirectView(group.getUrl())); }//from ww w . j a v a2 s. c o m if (showDeleted && !tmpl.isSessionAuthorized()) { throw new AccessViolationException(" "); } boolean firstPage; if (offset != 0) { firstPage = false; if (offset < 0) { throw new ServletParameterBadValueException("offset", "offset "); } if (year == null && offset > MAX_OFFSET) { return new ModelAndView(new RedirectView(group.getUrl() + "archive")); } } else { firstPage = true; } params.put("firstPage", firstPage); params.put("offset", offset); params.put("prevPage", offset - tmpl.getProf().getTopics()); params.put("nextPage", offset + tmpl.getProf().getTopics()); params.put("lastmod", lastmod); boolean showIgnored = false; if (request.getParameter("showignored") != null) { showIgnored = "t".equals(request.getParameter("showignored")); } params.put("showIgnored", showIgnored); params.put("group", group); if (group.getImage() != null) { try { params.put("groupImagePath", '/' + tmpl.getStyle() + group.getImage()); ImageInfo info = new ImageInfo( configuration.getHTMLPathPrefix() + tmpl.getStyle() + group.getImage()); params.put("groupImageInfo", info); } catch (BadImageException ex) { params.put("groupImagePath", null); params.put("groupImageInfo", null); } } else { params.put("groupImagePath", null); params.put("groupImageInfo", null); } params.put("section", section); params.put("groupInfo", prepareService.prepareGroupInfo(group, request.isSecure())); if (year != null) { if (year < 1990 || year > 3000) { throw new ServletParameterBadValueException("year", " "); } if (month < 1 || month > 12) { throw new ServletParameterBadValueException("month", " ??"); } params.put("year", year); params.put("month", month); params.put("url", group.getUrl() + year + '/' + month + '/'); } else { params.put("url", group.getUrl()); } List<TopicsListItem> mainTopics = getTopics(group, tmpl.getProf().getMessages(), lastmod, year, month, tmpl.getProf().getTopics(), offset, showDeleted, showIgnored, tmpl.getCurrentUser()); if (year == null && offset == 0 && !lastmod) { List<TopicsListItem> stickyTopics = getStickyTopics(group, tmpl.getProf().getMessages()); params.put("topicsList", Lists.newArrayList(Iterables.concat(stickyTopics, mainTopics))); } else { params.put("topicsList", mainTopics); } if (year != null) { params.put("hasNext", offset + tmpl.getProf().getTopics() < getArchiveCount(group.getId(), year, month)); } else { params.put("hasNext", offset < MAX_OFFSET && mainTopics.size() == tmpl.getProf().getTopics()); } params.put("addable", groupPermissionService.isTopicPostingAllowed(group, tmpl.getCurrentUser())); response.setDateHeader("Expires", System.currentTimeMillis() + 90 * 1000); return new ModelAndView("group", params); }
From source file:com.netspective.sparx.navigate.NavigationControllerServlet.java
protected void renderPage(NavigationContext nc) throws ServletException, IOException { final HttpServletResponse httpResponse = nc.getHttpResponse(); if (isSecure()) { HttpLoginManager loginManager = getLoginManager(); LoginDialogMode loginDialogMode = LoginDialogMode.ACCESS_ALLOWED; if (loginManager != null) { loginDialogMode = loginManager.getLoginDialogMode(nc); // if we're getting input or we're denying login it means that the presentation is complete (HTML is already on the screen) if (loginDialogMode == LoginDialogMode.GET_INPUT || loginDialogMode == LoginDialogMode.LOGIN_DENIED) return; }/*from www .j a v a2 s. com*/ // if we get to here, it means that the login dialog mode is either LOGIN_ACCEPTED (user has just logged in) or ACCESS_ALLOWED // which means that access was previously granted and the user is still valid // check to see if the user has recently logged in and is using the wrong navigation tree if (loginDialogMode == LoginDialogMode.LOGIN_ACCEPTED) { AuthenticatedUser user = nc.getAuthenticatedUser(); if (user instanceof NavigationControllerAuthenticatedUser) { NavigationControllerAuthenticatedUser ncUser = (NavigationControllerAuthenticatedUser) user; if (ncUser.hasUserSpecificNavigationTree()) { NavigationTree userTree = ncUser.getUserSpecificNavigationTree(this, nc.getHttpRequest(), httpResponse); if (userTree != null && nc.getOwnerTree() != userTree) { // we want to redirect back to the home page of the navigation tree so that the proper tree // will be picked up by the createContext() method ncUser.redirectToUserTree(nc); return; } } } } } NavigationPage activePage = nc.getActivePage(); if (activePage != null) { nc.getResponse().setContentType("text/html"); if (nc.isActivePageValid()) { // make any necessary state changes (such as permissions, conditionals, etc). activePage.makeStateChanges(nc); // check to see if we have static content and we're in development mode (because in development presumably we don't want // anything to be static since 'static' is a performance attribute, not functionality if (!nc.getRuntimeEnvironmentFlags().isDevelopment() && activePage.getFlags().flagIsSet(NavigationPage.Flags.STATIC_CONTENT)) { final HttpServletRequest httpRequest = nc.getHttpRequest(); String staticPageKey = httpRequest.getServletPath() + httpRequest.getPathInfo(); Date lastModfTime = (Date) staticPagesRendered.get(staticPageKey); // If the client sent an If-Modified-Since header equal or after the // servlet's last modified time, send a short "Not Modified" status code // Round down to the nearest second since client headers are in seconds if (lastModfTime != null && httpRequest.getMethod().equals("GET") && ((lastModfTime.getTime() / 1000 * 1000) <= httpRequest .getDateHeader("If-Modified-Since"))) { httpResponse.setStatus(HttpServletResponse.SC_NOT_MODIFIED); return; } else { Date now = new Date(); httpResponse.setDateHeader("Last-Modified", now.getTime()); staticPagesRendered.put(staticPageKey, now); } } // if we get to there we're not static content or we're static but being rendered for the first // time in this instance of the servlet if (activePage.isRawHandler(nc)) activePage.handlePageRaw(nc); else activePage.handlePage(nc.getResponse().getWriter(), nc); } else activePage.handleInvalidPage(nc.getResponse().getWriter(), nc); } else { Writer writer = nc.getResponse().getWriter(); NavigationSkin skin = nc.getSkin(); NavigationTree tree = nc.getOwnerTree(); skin.renderPageMetaData(writer, nc); skin.renderPageHeader(writer, nc); writer.write("No page located for path '" + nc.getActivePathFindResults().getSearchedForPath() + "'."); if (nc.getRuntimeEnvironmentFlags().flagIsSet(RuntimeEnvironmentFlags.DEVELOPMENT)) { writer.write("<pre>\n"); writer.write(tree.toString()); writer.write("</pre>\n"); } skin.renderPageFooter(writer, nc); } }
From source file:org.openhab.ui.cometvisu.internal.servlet.CometVisuServlet.java
/** * Process the actual request./* w w w. j a v a2 s.co m*/ * * @param request * The request to be processed. * @param response * The response to be created. * @param content * Whether the request body should be written (GET) or not * (HEAD). * @throws IOException * If something fails at I/O level. * * @author BalusC * @link * http://balusc.blogspot.com/2009/02/fileservlet-supporting-resume-and * .html */ private void processStaticRequest(File file, HttpServletRequest request, HttpServletResponse response, boolean content) throws IOException { // Validate the requested file // ------------------------------------------------------------ if (file == null) { // Get requested file by path info. String requestedFile = request.getPathInfo(); // Check if file is actually supplied to the request URL. if (requestedFile == null) { // Do your thing if the file is not supplied to the request URL. // Throw an exception, or send 404, or show default/warning // page, or // just ignore it. response.sendError(HttpServletResponse.SC_NOT_FOUND); return; } // URL-decode the file name (might contain spaces and on) and // prepare // file object. file = new File(rootFolder, URLDecoder.decode(requestedFile, "UTF-8")); } if (file.equals(rootFolder) || (file.exists() && file.isDirectory())) { file = new File(file, "index.html"); } // Check if file actually exists in filesystem. if (!file.exists()) { // show installation hints if the CometVisu-Clients main index.html is requested but cannot be found if (file.getParentFile().equals(rootFolder) && (file.getName().equalsIgnoreCase("index.html") || file.getName().length() == 0)) { // looking for CometVisu clients index.html file String path = null; File folder = file.isDirectory() ? file : file.getParentFile(); if (folder.exists()) { File index = ClientInstaller.findClientRoot(folder, "index.html"); path = index.exists() ? index.getPath().replaceFirst(rootFolder.getPath() + "/", "") : null; } if (path != null) { // forward to position response.setStatus(HttpServletResponse.SC_MOVED_PERMANENTLY); response.setHeader("Location", path + "?" + request.getQueryString()); } else { showInstallationHint(request, response); } } else { response.sendError(HttpServletResponse.SC_NOT_FOUND); } return; } // Prepare some variables. The ETag is an unique identifier of the file. String fileName = file.getName(); long length = file.length(); long lastModified = file.lastModified(); String eTag = fileName + "_" + length + "_" + lastModified; long expires = System.currentTimeMillis() + DEFAULT_EXPIRE_TIME; // Validate request headers for caching // --------------------------------------------------- // If-None-Match header should contain "*" or ETag. If so, then return // 304. String ifNoneMatch = request.getHeader("If-None-Match"); if (ifNoneMatch != null && matches(ifNoneMatch, eTag)) { response.setStatus(HttpServletResponse.SC_NOT_MODIFIED); response.setHeader("ETag", eTag); // Required in 304. response.setDateHeader("Expires", expires); // Postpone cache with 1 // week. return; } // If-Modified-Since header should be greater than LastModified. If so, // then return 304. // This header is ignored if any If-None-Match header is specified. long ifModifiedSince = request.getDateHeader("If-Modified-Since"); if (ifNoneMatch == null && ifModifiedSince != -1 && ifModifiedSince + 1000 > lastModified) { response.setStatus(HttpServletResponse.SC_NOT_MODIFIED); response.setHeader("ETag", eTag); // Required in 304. response.setDateHeader("Expires", expires); // Postpone cache with 1 // week. return; } // Validate request headers for resume // ---------------------------------------------------- // If-Match header should contain "*" or ETag. If not, then return 412. String ifMatch = request.getHeader("If-Match"); if (ifMatch != null && !matches(ifMatch, eTag)) { response.sendError(HttpServletResponse.SC_PRECONDITION_FAILED); return; } // If-Unmodified-Since header should be greater than LastModified. If // not, then return 412. long ifUnmodifiedSince = request.getDateHeader("If-Unmodified-Since"); if (ifUnmodifiedSince != -1 && ifUnmodifiedSince + 1000 <= lastModified) { response.sendError(HttpServletResponse.SC_PRECONDITION_FAILED); return; } // Validate and process range // ------------------------------------------------------------- // Prepare some variables. The full Range represents the complete file. Range full = new Range(0, length - 1, length); List<Range> ranges = new ArrayList<Range>(); // Validate and process Range and If-Range headers. String range = request.getHeader("Range"); if (range != null) { // Range header should match format "bytes=n-n,n-n,n-n...". If not, // then return 416. if (!range.matches("^bytes=\\d*-\\d*(,\\d*-\\d*)*$")) { response.setHeader("Content-Range", "bytes */" + length); // Required // in // 416. response.sendError(HttpServletResponse.SC_REQUESTED_RANGE_NOT_SATISFIABLE); return; } // If-Range header should either match ETag or be greater then // LastModified. If not, // then return full file. String ifRange = request.getHeader("If-Range"); if (ifRange != null && !ifRange.equals(eTag)) { try { long ifRangeTime = request.getDateHeader("If-Range"); // Throws // IAE // if // invalid. if (ifRangeTime != -1 && ifRangeTime + 1000 < lastModified) { ranges.add(full); } } catch (IllegalArgumentException ignore) { ranges.add(full); } } // If any valid If-Range header, then process each part of byte // range. if (ranges.isEmpty()) { for (String part : range.substring(6).split(",")) { // Assuming a file with length of 100, the following // examples returns bytes at: // 50-80 (50 to 80), 40- (40 to length=100), -20 // (length-20=80 to length=100). long start = sublong(part, 0, part.indexOf("-")); long end = sublong(part, part.indexOf("-") + 1, part.length()); if (start == -1) { start = length - end; end = length - 1; } else if (end == -1 || end > length - 1) { end = length - 1; } // Check if Range is syntactically valid. If not, then // return 416. if (start > end) { response.setHeader("Content-Range", "bytes */" + length); // Required // in // 416. response.sendError(HttpServletResponse.SC_REQUESTED_RANGE_NOT_SATISFIABLE); return; } // Add range. ranges.add(new Range(start, end, length)); } } } // Prepare and initialize response // -------------------------------------------------------- // Get content type by file name and set default GZIP support and // content disposition. String contentType = getServletContext().getMimeType(fileName); boolean acceptsGzip = false; String disposition = "inline"; // If content type is unknown, then set the default value. // For all content types, see: // http://www.w3schools.com/media/media_mimeref.asp // To add new content types, add new mime-mapping entry in web.xml. if (contentType == null) { contentType = "application/octet-stream"; } // If content type is text, then determine whether GZIP content encoding // is supported by // the browser and expand content type with the one and right character // encoding. if (contentType.startsWith("text")) { String acceptEncoding = request.getHeader("Accept-Encoding"); acceptsGzip = acceptEncoding != null && accepts(acceptEncoding, "gzip"); contentType += ";charset=UTF-8"; } // Else, expect for images, determine content disposition. If content // type is supported by // the browser, then set to inline, else attachment which will pop a // 'save as' dialogue. else if (!contentType.startsWith("image")) { String accept = request.getHeader("Accept"); disposition = accept != null && accepts(accept, contentType) ? "inline" : "attachment"; } response.setBufferSize(DEFAULT_BUFFER_SIZE); response.setHeader("Content-Disposition", disposition + ";filename=\"" + fileName + "\""); response.setHeader("Accept-Ranges", "bytes"); response.setHeader("ETag", eTag); response.setDateHeader("Last-Modified", lastModified); response.setDateHeader("Expires", expires); // Send requested file (part(s)) to client // ------------------------------------------------ // Prepare streams. RandomAccessFile input = null; OutputStream output = null; try { // Open streams. input = new RandomAccessFile(file, "r"); output = response.getOutputStream(); if (ranges.isEmpty() || ranges.get(0) == full) { // Return full file. Range r = full; response.setContentType(contentType); response.setHeader("Content-Range", "bytes " + r.start + "-" + r.end + "/" + r.total); if (content) { if (acceptsGzip) { // The browser accepts GZIP, so GZIP the content. response.setHeader("Content-Encoding", "gzip"); output = new GZIPOutputStream(output, DEFAULT_BUFFER_SIZE); } else { // Content length is not directly predictable in case of // GZIP. // So only add it if there is no means of GZIP, else // browser will hang. response.setHeader("Content-Length", String.valueOf(r.length)); } // Copy full range. copy(input, output, r.start, r.length); } } else if (ranges.size() == 1) { // Return single part of file. Range r = ranges.get(0); response.setContentType(contentType); response.setHeader("Content-Range", "bytes " + r.start + "-" + r.end + "/" + r.total); response.setHeader("Content-Length", String.valueOf(r.length)); response.setStatus(HttpServletResponse.SC_PARTIAL_CONTENT); // 206. if (content) { // Copy single part range. copy(input, output, r.start, r.length); } } else { // Return multiple parts of file. response.setContentType("multipart/byteranges; boundary=" + MULTIPART_BOUNDARY); response.setStatus(HttpServletResponse.SC_PARTIAL_CONTENT); // 206. if (content) { // Cast back to ServletOutputStream to get the easy println // methods. ServletOutputStream sos = (ServletOutputStream) output; // Copy multi part range. for (Range r : ranges) { // Add multipart boundary and header fields for every // range. sos.println(); sos.println("--" + MULTIPART_BOUNDARY); sos.println("Content-Type: " + contentType); sos.println("Content-Range: bytes " + r.start + "-" + r.end + "/" + r.total); // Copy single part range of multi part range. copy(input, output, r.start, r.length); } // End with multipart boundary. sos.println(); sos.println("--" + MULTIPART_BOUNDARY + "--"); } } } finally { // Gently close streams. close(output); close(input); } }
From source file:httpUtils.HttpUtils.java
/** * Parse the request headers, build the response, stream back file * @param request//from w ww .ja v a2s.co m * @param response * @param dataStream * @param fileLength * @param fileName * @param fileLastModified * @param contentType * @return */ private static HttpServletResponse getFileAsStream(HttpServletRequest request, HttpServletResponse response, InputStream dataStream, long fileLength, String fileName, long fileLastModified, String contentType) { if (dataStream == null) { response.setStatus(HttpServletResponse.SC_NOT_FOUND); return response; } if (StringUtils.isEmpty(fileName) || fileLastModified == 0L) { response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); return response; } String ifNoneMatch = request.getHeader("If-None-Match"); if (ifNoneMatch != null && matches(ifNoneMatch, fileName)) { response.setHeader("ETag", fileName); response.setStatus(HttpServletResponse.SC_NOT_MODIFIED); return response; } long ifModifiedSince = request.getDateHeader("If-Modified-Since"); if (ifNoneMatch == null && ifModifiedSince != -1 && ifModifiedSince + 1000 > fileLastModified) { response.setHeader("ETag", fileName); response.setStatus(HttpServletResponse.SC_NOT_MODIFIED); return response; } String ifMatch = request.getHeader("If-Match"); if (ifMatch != null && !matches(ifMatch, fileName)) { response.setStatus(HttpServletResponse.SC_PRECONDITION_FAILED); return response; } long ifUnmodifiedSince = request.getDateHeader("If-Unmodified-Since"); if (ifUnmodifiedSince != -1 && ifUnmodifiedSince + 1000 <= fileLastModified) { response.setStatus(HttpServletResponse.SC_PRECONDITION_FAILED); return response; } Range full = new Range(0, fileLength - 1, fileLength); List<Range> ranges = new ArrayList<Range>(); String range = request.getHeader("Range"); if (range != null) { if (!range.matches("^bytes=\\d*-\\d*(,\\d*-\\d*)*$")) { response.setHeader("Content-Range", "bytes */" + fileLength); response.setStatus(HttpServletResponse.SC_REQUESTED_RANGE_NOT_SATISFIABLE); return response; } String ifRange = request.getHeader("If-Range"); if (ifRange != null && !ifRange.equals(fileName)) { try { long ifRangeTime = request.getDateHeader("If-Range"); if (ifRangeTime != -1) { ranges.add(full); } } catch (IllegalArgumentException ignore) { ranges.add(full); } } if (ranges.isEmpty()) { for (String part : range.substring(6).split(",")) { // Assuming a file with length of 100, the following // examples returns bytes at: // 50-80 (50 to 80), 40- (40 to length=100), -20 // (length-20=80 to length=100). long start = sublong(part, 0, part.indexOf("-")); long end = sublong(part, part.indexOf("-") + 1, part.length()); if (start == -1) { start = fileLength - end; end = fileLength - 1; } else if (end == -1 || end > fileLength - 1) { end = fileLength - 1; } // Check if Range is syntactically valid. If not, then // return 416. if (start > end) { response.setHeader("Content-Range", "bytes */" + fileLength); // Required // in // 416. response.setStatus(HttpServletResponse.SC_REQUESTED_RANGE_NOT_SATISFIABLE); return response; } // Add range. ranges.add(new Range(start, end, fileLength)); } } } // Get content type by file name and set content disposition. String disposition = "inline"; // If content type is unknown, then set the default value. // For all content types, see: // http://www.w3schools.com/media/media_mimeref.asp // To add new content types, add new mime-mapping entry in web.xml. if (contentType == null) { contentType = "application/octet-stream"; } else if (!contentType.startsWith("image")) { // Else, expect for images, determine content disposition. If // content type is supported by // the browser, then set to inline, else attachment which will pop a // 'save as' dialogue. String accept = request.getHeader("Accept"); disposition = accept != null && accepts(accept, contentType) ? "inline" : "attachment"; } // Initialize response. response.reset(); response.setBufferSize(HttpUtils.DEFAULT_BUFFER_SIZE); response.setHeader("Content-Disposition", disposition + ";filename=\"" + fileName + "\""); response.setHeader("Accept-Ranges", "bytes"); response.setHeader("ETag", fileName); response.setDateHeader("Last-Modified", fileLastModified); response.setDateHeader("Expires", System.currentTimeMillis() + HttpUtils.DEFAULT_EXPIRE_TIME); // Send requested file (part(s)) to client // ------------------------------------------------ // Prepare streams. InputStream input = null; OutputStream output = null; try { // Open streams. input = new BufferedInputStream(dataStream); output = response.getOutputStream(); if (ranges.isEmpty() || ranges.get(0) == full) { // Return full file. Range r = full; response.setContentType(contentType); response.setHeader("Content-Range", "bytes " + r.start + "-" + r.end + "/" + r.total); response.setHeader("Content-Length", String.valueOf(r.length)); copy(input, output, fileLength, r.start, r.length); } else if (ranges.size() == 1) { // Return single part of file. Range r = ranges.get(0); response.setContentType(contentType); response.setHeader("Content-Range", "bytes " + r.start + "-" + r.end + "/" + r.total); response.setHeader("Content-Length", String.valueOf(r.length)); response.setStatus(HttpServletResponse.SC_PARTIAL_CONTENT); // 206. // Copy single part range. copy(input, output, fileLength, r.start, r.length); } else { // Return multiple parts of file. response.setContentType("multipart/byteranges; boundary=" + HttpUtils.MULTIPART_BOUNDARY); response.setStatus(HttpServletResponse.SC_PARTIAL_CONTENT); // 206. // Cast back to ServletOutputStream to get the easy println // methods. ServletOutputStream sos = (ServletOutputStream) output; // Copy multi part range. for (Range r : ranges) { // Add multipart boundary and header fields for every range. sos.println(); sos.println("--" + HttpUtils.MULTIPART_BOUNDARY); sos.println("Content-Type: " + contentType); sos.println("Content-Range: bytes " + r.start + "-" + r.end + "/" + r.total); // Copy single part range of multi part range. copy(input, output, fileLength, r.start, r.length); } // End with multipart boundary. sos.println(); sos.println("--" + HttpUtils.MULTIPART_BOUNDARY + "--"); } } catch (Exception e) { log.error("get file as stream failed", e); } finally { // Gently close streams. close(output); close(input); close(dataStream); } return response; }
From source file:org.appcelerator.transport.UploadTransportServlet.java
@Override @SuppressWarnings("unchecked") protected void service(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { if (request.getMethod().equalsIgnoreCase("POST")) { // paranoia check -we don't accept urlencoded transfers which are very bad performance wise if (false == ServletFileUpload.isMultipartContent(request)) { response.sendError(HttpServletResponse.SC_BAD_REQUEST, "must be 'multipart/form-data'"); return; }/*from www . ja v a 2 s . co m*/ String type = null; String callback = null; long size = 0L; // String instanceid = null; IMessageDataObject data = MessageUtils.createMessageDataObject(); try { ServletFileUpload upload = new ServletFileUpload(fileFactory); List items = upload.parseRequest(request); for (Iterator i = items.iterator(); i.hasNext();) { FileItem item = (FileItem) i.next(); if (item.isFormField()) { if (item.getFieldName().equals("callback")) { callback = item.getString(); continue; } else if (item.getFieldName().equals("type")) { type = item.getString(); continue; } else if (item.getFieldName().equals("instanceid")) { //instanceid = item.getString(); continue; } // place it in the data payload data.put(item.getFieldName(), item.getString()); } else { File f = null; if (tempDirectory != null) { f = File.createTempFile("sup", ".tmp", tempDirectory); } else { f = File.createTempFile("sup", ".tmp"); } f.deleteOnExit(); // write out the temporary file item.write(f); size = item.getSize(); IMessageDataObject filedata = MessageUtils.createMessageDataObject(); filedata.put("file", f.getAbsolutePath()); filedata.put("size", size); filedata.put("contentType", item.getContentType()); filedata.put("fieldName", item.getFieldName()); filedata.put("fileName", item.getName()); data.put("filedata", filedata); } } // required parameter type if (type == null || type.equals("")) { response.sendError(HttpServletResponse.SC_BAD_REQUEST, "missing 'type' parameter"); return; } } catch (Throwable fe) { fe.printStackTrace(); response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, fe.getMessage()); return; } String scope = request.getParameter("scope"); String version = request.getParameter("version"); if (scope == null) { scope = "appcelerator"; } if (version == null) { version = "1.0"; } // create a message Message msg = new Message(); msg.setUser(request.getUserPrincipal()); msg.setSession(request.getSession()); msg.setServletRequest(request); msg.setType(type); msg.setData(data); msg.setAddress(InetAddress.getByName(request.getRemoteAddr())); msg.setScope(scope); msg.setVersion(version); // send the data ArrayList<Message> responses = new ArrayList<Message>(); try { ServiceRegistry.dispatch(msg, responses); } catch (Exception ex) { LOG.error("error dispatching upload message: " + msg, ex); response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); return; } response.setHeader("Pragma", "no-cache"); response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate, private"); response.setDateHeader("Expires", System.currentTimeMillis() - TimeUtil.ONE_YEAR); response.setContentType("text/html;charset=UTF-8"); // optionally, invoke a callback function/message on upload in the client if (callback != null || !responses.isEmpty()) { StringBuilder code = new StringBuilder(); code.append("<html><head><script>"); if (callback != null) { if (callback.startsWith("l:") || callback.startsWith("local:") || callback.startsWith("r:") || callback.startsWith("remote:")) { code.append(makeMessage(callback, "{size:" + size + "}", scope, version)); } else { // a javascript function to call code.append("window.parent.").append(callback).append("();"); } } for (Message m : responses) { code.append(makeMessage(m.getType(), m.getData().toDataString(), m.getScope(), m.getVersion())); } code.append("</script></head><body></body></html>"); // send the response response.setStatus(HttpServletResponse.SC_OK); response.getWriter().print(code.toString()); } else { response.setStatus(HttpServletResponse.SC_ACCEPTED); } } else { response.sendError(HttpServletResponse.SC_METHOD_NOT_ALLOWED, "method was: " + request.getMethod()); } }
From source file:com.ibm.jaggr.core.impl.AbstractAggregatorImpl.java
protected void processAggregatorRequest(HttpServletRequest req, HttpServletResponse resp) { final String sourceMethod = "processAggregatorRequest"; //$NON-NLS-1$ boolean isTraceLogging = log.isLoggable(Level.FINER); if (isTraceLogging) { log.entering(AbstractAggregatorImpl.class.getName(), sourceMethod, new Object[] { req, resp }); }//from ww w. j a v a 2 s.co m req.setAttribute(AGGREGATOR_REQATTRNAME, this); ConcurrentMap<String, Object> concurrentMap = new ConcurrentHashMap<String, Object>(); req.setAttribute(CONCURRENTMAP_REQATTRNAME, concurrentMap); try { // Validate config last-modified if development mode is enabled if (getOptions().isDevelopmentMode()) { long lastModified = -1; URI configUri = getConfig().getConfigUri(); if (configUri != null) { try { // try to get platform URI from IResource in case uri specifies // aggregator specific scheme like namedbundleresource configUri = newResource(configUri).getURI(); } catch (UnsupportedOperationException e) { // Not fatal. Just use uri as specified. } lastModified = configUri.toURL().openConnection().getLastModified(); } if (lastModified > getConfig().lastModified()) { if (reloadConfig()) { // If the config has been modified, then dependencies will be revalidated // asynchronously. Rather than forcing the current request to wait, return // a response that will display an alert informing the user of what is // happening and asking them to reload the page. String content = "alert('" + //$NON-NLS-1$ StringUtil.escapeForJavaScript(Messages.ConfigModified) + "');"; //$NON-NLS-1$ resp.addHeader("Cache-control", "no-store"); //$NON-NLS-1$ //$NON-NLS-2$ CopyUtil.copy(new StringReader(content), resp.getOutputStream()); return; } } } getTransport().decorateRequest(req); notifyRequestListeners(RequestNotifierAction.start, req, resp); ILayer layer = getLayer(req); long modifiedSince = req.getDateHeader("If-Modified-Since"); //$NON-NLS-1$ long lastModified = (Math.max(getCacheManager().getCache().getCreated(), layer.getLastModified(req)) / 1000) * 1000; if (modifiedSince >= lastModified) { if (log.isLoggable(Level.FINER)) { log.finer("Returning Not Modified response for layer in servlet" + //$NON-NLS-1$ getName() + ":" //$NON-NLS-1$ + req.getAttribute(IHttpTransport.REQUESTEDMODULENAMES_REQATTRNAME).toString()); } resp.setStatus(HttpServletResponse.SC_NOT_MODIFIED); } else { // Get the InputStream for the response. This call sets the Content-Type, // Content-Length and Content-Encoding headers in the response. InputStream in = layer.getInputStream(req, resp); // if any of the readers included an error response, then don't cache the layer. if (req.getAttribute(ILayer.NOCACHE_RESPONSE_REQATTRNAME) != null) { resp.addHeader("Cache-Control", "no-store"); //$NON-NLS-1$ //$NON-NLS-2$ } else { resp.setDateHeader("Last-Modified", lastModified); //$NON-NLS-1$ int expires = getConfig().getExpires(); resp.addHeader("Cache-Control", //$NON-NLS-1$ "public" + (expires > 0 ? (", max-age=" + expires) : "") //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$ ); } CopyUtil.copy(in, resp.getOutputStream()); } notifyRequestListeners(RequestNotifierAction.end, req, resp); } catch (DependencyVerificationException e) { // clear the cache now even though it will be cleared when validateDeps has // finished (asynchronously) so that any new requests will be forced to wait // until dependencies have been validated. getCacheManager().clearCache(); getDependencies().validateDeps(false); resp.addHeader("Cache-control", "no-store"); //$NON-NLS-1$ //$NON-NLS-2$ if (getOptions().isDevelopmentMode()) { String msg = StringUtil.escapeForJavaScript(MessageFormat.format(Messages.DepVerificationFailed, new Object[] { e.getMessage(), "aggregator " + //$NON-NLS-1$ "validatedeps " + //$NON-NLS-1$ getName() + " clean", //$NON-NLS-1$ getWorkingDirectory().toString().replace("\\", "\\\\") //$NON-NLS-1$ //$NON-NLS-2$ })); String content = "alert('" + msg + "');"; //$NON-NLS-1$ //$NON-NLS-2$ try { CopyUtil.copy(new StringReader(content), resp.getOutputStream()); } catch (IOException e1) { if (log.isLoggable(Level.SEVERE)) { log.log(Level.SEVERE, e1.getMessage(), e1); } resp.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); } } else { resp.setStatus(HttpServletResponse.SC_SERVICE_UNAVAILABLE); } } catch (ProcessingDependenciesException e) { resp.addHeader("Cache-control", "no-store"); //$NON-NLS-1$ //$NON-NLS-2$ if (getOptions().isDevelopmentMode()) { String content = "alert('" + StringUtil.escapeForJavaScript(Messages.Busy) + "');"; //$NON-NLS-1$ //$NON-NLS-2$ try { CopyUtil.copy(new StringReader(content), resp.getOutputStream()); } catch (IOException e1) { if (log.isLoggable(Level.SEVERE)) { log.log(Level.SEVERE, e1.getMessage(), e1); } resp.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); } } else { resp.setStatus(HttpServletResponse.SC_SERVICE_UNAVAILABLE); } } catch (BadRequestException e) { exceptionResponse(req, resp, e, HttpServletResponse.SC_BAD_REQUEST); } catch (NotFoundException e) { exceptionResponse(req, resp, e, HttpServletResponse.SC_NOT_FOUND); } catch (Exception e) { exceptionResponse(req, resp, e, HttpServletResponse.SC_INTERNAL_SERVER_ERROR); } finally { concurrentMap.clear(); } if (isTraceLogging) { log.exiting(AbstractAggregatorImpl.class.getName(), sourceMethod); } }
From source file:org.jahia.services.content.files.FileServlet.java
@Override protected void doGet(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException { long timer = System.currentTimeMillis(); int code = HttpServletResponse.SC_OK; try {/* w ww .j a v a2 s .c o m*/ FileKey fileKey = parseKey(req); if (fileKey != null && fileKey.getWorkspace() != null && StringUtils.isNotEmpty(fileKey.getPath())) { Cache<String, FileLastModifiedCacheEntry> lastModifiedCache = cacheManager.getLastModifiedCache(); FileLastModifiedCacheEntry lastModifiedEntry = lastModifiedCache.get(fileKey.getCacheKey()); if (isNotModified(fileKey, lastModifiedEntry, req, res)) { // resource is not changed code = HttpServletResponse.SC_NOT_MODIFIED; res.setStatus(HttpServletResponse.SC_NOT_MODIFIED); logAccess(fileKey, req, "ok-not-modified"); return; } Cache<String, Map<String, FileCacheEntry>> contentCache = cacheManager.getContentCache(); Map<String, FileCacheEntry> entries = contentCache.get(fileKey.getCacheKey()); FileCacheEntry fileEntry = entries != null ? entries.get(fileKey.getThumbnail()) : null; if (fileEntry == null) { JCRNodeWrapper n = getNode(fileKey); if (n == null || !n.isFile()) { // cannot find it or it is not a file code = HttpServletResponse.SC_NOT_FOUND; res.sendError(HttpServletResponse.SC_NOT_FOUND); return; } Date lastModifiedDate = n.getLastModifiedAsDate(); long lastModified = lastModifiedDate != null ? lastModifiedDate.getTime() : 0; String eTag = generateETag(n.getIdentifier(), lastModified); if (lastModifiedEntry == null) { lastModifiedEntry = new FileLastModifiedCacheEntry(eTag, lastModified); if (canCache(n)) { lastModifiedCache.put(fileKey.getCacheKey(), lastModifiedEntry); } } if (isNotModified(fileKey, lastModifiedEntry, req, res)) { // resource is not changed code = HttpServletResponse.SC_NOT_MODIFIED; res.setStatus(HttpServletResponse.SC_NOT_MODIFIED); logAccess(fileKey, req, "ok-not-modified"); return; } fileEntry = getFileEntry(fileKey, n, lastModifiedEntry); if (fileEntry != null && fileEntry.getData() != null) { entries = contentCache.get(fileKey.getCacheKey()); if (entries == null) { entries = new HashMap<String, FileCacheEntry>(1); } entries.put(fileKey.getThumbnail(), fileEntry); contentCache.put(fileKey.getCacheKey(), entries); logAccess(fileKey, req, "ok"); } } else { if (lastModifiedEntry == null) { lastModifiedEntry = new FileLastModifiedCacheEntry(fileEntry.getETag(), fileEntry.getLastModified()); lastModifiedCache.put(fileKey.getCacheKey(), lastModifiedEntry); } logAccess(fileKey, req, "ok-cached"); if (logger.isDebugEnabled()) { logger.debug("Serving cached file entry {}", fileKey.toString()); } } if (fileEntry != null) { List<RangeUtils.Range> ranges; boolean useRanges = true; if (fileEntry.getBinary() instanceof BinaryRangesSupport) { useRanges = ((BinaryRangesSupport) fileEntry.getBinary()).supportRanges(); } ranges = useRanges ? RangeUtils.parseRange(req, res, fileEntry.getETag(), fileEntry.getLastModified(), fileEntry.getContentLength()) : null; if (fileKey.getPath().indexOf('%', fileKey.getPath().lastIndexOf('/')) != -1) { res.setHeader("Content-Disposition", "inline; filename=\"" + JCRContentUtils.unescapeLocalNodeName( StringUtils.substringAfterLast(fileKey.getPath(), "/")) + "\""); } res.setDateHeader("Last-Modified", fileEntry.getLastModified()); res.setHeader("ETag", fileEntry.getETag()); InputStream is = null; if (fileEntry.getData() != null) { // writing in-memory data is = new ByteArrayInputStream(fileEntry.getData()); } else if (fileEntry.getBinary() != null) { // spool from an input stream is = fileEntry.getBinary().getStream(); } else { code = HttpServletResponse.SC_NOT_FOUND; res.sendError(HttpServletResponse.SC_NOT_FOUND); return; } if (ranges == null || (ranges == RangeUtils.FULL)) { res.setContentType(fileEntry.getMimeType()); if (fileEntry.getContentLength() <= Integer.MAX_VALUE) { res.setContentLength((int) fileEntry.getContentLength()); } else { res.setHeader("Content-Length", Long.toString(fileEntry.getContentLength())); } ServletOutputStream os = res.getOutputStream(); IOUtils.copy(is, os); os.flush(); os.close(); } else { res.setStatus(HttpServletResponse.SC_PARTIAL_CONTENT); if (ranges.size() == 1) { res.setContentType(fileEntry.getMimeType()); RangeUtils.Range range = (RangeUtils.Range) ranges.get(0); res.addHeader("Content-Range", "bytes " + range.start + "-" + range.end + "/" + range.length); long length = range.end - range.start + 1; if (length < Integer.MAX_VALUE) { res.setContentLength((int) length); } else { // Set the content-length as String to be able to use a long res.setHeader("Content-Length", "" + length); } ServletOutputStream os = res.getOutputStream(); RangeUtils.copy(is, os, range); IOUtils.closeQuietly(is); IOUtils.closeQuietly(os); } else { res.setContentType("multipart/byteranges; boundary=" + RangeUtils.MIME_SEPARATION); try { res.setBufferSize(RangeUtils.getOutput()); } catch (IllegalStateException e) { // Silent catch } ServletOutputStream os = res.getOutputStream(); RangeUtils.copy(is, os, ranges.iterator(), fileEntry.getMimeType()); IOUtils.closeQuietly(is); IOUtils.closeQuietly(os); } } if ((fileEntry.getData() == null) && (fileEntry.getBinary() != null)) { fileEntry.getBinary().dispose(); fileEntry.setBinary(null); } SpringContextSingleton.getInstance() .publishEvent(new FileDownloadEvent(this, req, fileEntry.getIdentifier(), fileKey.getPath(), fileEntry.getNodeTypes(), fileKey.getWorkspace())); } else { code = HttpServletResponse.SC_NOT_FOUND; res.sendError(HttpServletResponse.SC_NOT_FOUND); return; } } else { code = HttpServletResponse.SC_NOT_FOUND; res.sendError(HttpServletResponse.SC_NOT_FOUND); } } catch (RepositoryException e) { logger.error("Cannot get file", e); code = HttpServletResponse.SC_INTERNAL_SERVER_ERROR; res.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); } finally { if (logger.isDebugEnabled()) { logger.debug("Served [{}] with status code [{}] in [{}ms]", new Object[] { req.getRequestURI() + (req.getQueryString() != null ? "?" + req.getQueryString() : ""), code, (System.currentTimeMillis() - timer) }); } } }
From source file:org.sakaiproject.dav.DavServlet.java
/** * Helper to handle set Header information * //from w w w .j a v a2 s . com * @param request * The servlet request we are processing * @param response * The servlet response we are creating * @exception IOException * if an input/output error occurs * @exception ServletException * if a servlet-specified error occurs * @return boolean false if there was an error, true if the head variable all were set */ private boolean processHead(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { String path = getRelativePathSAKAI(request); if ((path == null) || prohibited(path) || path.toUpperCase().startsWith("/WEB-INF") || path.toUpperCase().startsWith("/META-INF")) { response.sendError(HttpServletResponse.SC_NOT_FOUND, path); return false; } // Retrieve the resources DirContextSAKAI resources = getResourcesSAKAI(); ResourceInfoSAKAI resourceInfo = new ResourceInfoSAKAI(path, resources); if (!resourceInfo.exists) { response.sendError(HttpServletResponse.SC_NOT_FOUND, path); return false; } if (!resourceInfo.collection) { response.setDateHeader("Last-Modified", resourceInfo.date); } // Find content type by looking at the file suffix // We should probably make this something which is done within the service // rather than each tool String contentType = getServletContext().getMimeType(resourceInfo.path); // if (M_log.isDebugEnabled()) M_log.debug("Default serveResource contentType = " + contentType); if (contentType != null) { response.setContentType(contentType); } long contentLength = resourceInfo.length; if ((!resourceInfo.collection) && (contentLength >= 0)) { // http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=4187336 if (contentLength <= Integer.MAX_VALUE) { response.setContentLength((int) contentLength); } else { response.addHeader("Content-Length", Long.toString(contentLength)); } } return true; }
From source file:de.innovationgate.wgpublisher.WGPDispatcher.java
private void dispatchResourceRequest(WGPRequestPath path, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws Exception { WGARequestInformation info = (WGARequestInformation) request .getAttribute(WGARequestInformation.REQUEST_ATTRIBUTENAME); if (info != null) { info.setType(WGARequestInformation.TYPE_RESOURCE); }//from w ww . j av a2 s . c o m // determine mimeType String resourcePath = path.getResourcePath(); String mimeType = this.getServletContext().getMimeType(resourcePath); if (mimeType == null) { mimeType = "application/octet-stream"; } response.setContentType(mimeType); File file = null; boolean isTemporaryDownload = false; if (path.getPathCommand().equals(WGPRequestPath.PATHCMD_TEMP_DOWNLOAD)) { String tempFileName = path.getResourcePath().substring(path.getResourcePath().lastIndexOf("/") + 1); TemporaryDownloadsMap temporaryDownloads = (TemporaryDownloadsMap) request.getSession() .getAttribute(SESSION_TEMPORARYDOWNLOADS); if (temporaryDownloads != null) { TemporaryDownload tempDownload = (TemporaryDownload) temporaryDownloads.get(tempFileName); if (tempDownload != null) { file = tempDownload.getTempFile().getFile(); isTemporaryDownload = true; } } } else { file = new File(this.getServletContext().getRealPath("/"), path.getResourcePath()); } if (file == null || !file.exists() || !file.isFile()) { throw new HttpErrorException(404, "File not found: " + path.getResourcePath(), null); } // / Set expiration time int fileExpirationMinutes = getCore().getWgaConfiguration().getCacheExpirationForStaticResources(); if (fileExpirationMinutes > 0) { int fileExpirationSeconds = fileExpirationMinutes * 60; response.setHeader("Cache-Control", "max-age=" + fileExpirationSeconds + ", must-revalidate"); } // determine lastModified // - last modified of binary response depends only on resource change // date // - last change date of textual response additionally depends on // character encoding change date long lastModified; if (isBinary(request, response)) { lastModified = file.lastModified(); } else { lastModified = Math.max(file.lastModified(), _core.getCharacterEncodingLastModified()); } if (browserCacheIsValid(request, lastModified, String.valueOf(lastModified))) { response.setStatus(HttpServletResponse.SC_NOT_MODIFIED); return; } else { response.setDateHeader("Last-Modified", lastModified); response.setHeader("ETag", '"' + String.valueOf(lastModified) + '"'); } if (mimeType.startsWith("application/")) { response.setHeader("Cache-Control", "must-revalidate, post-check=0, pre-check=0"); } // Dispatch to file resource try { if (!"HEAD".equalsIgnoreCase(request.getMethod())) { DataSource in = null; int fileSize = 0; // We allow direct file dispatching only for temporary files. In // all other cases we use the servlet // context which will take care of file system security. if (isTemporaryDownload) { response.setHeader("Content-Disposition", "attachment;filename=" + file.getName()); in = new URLDataSource(file.toURI().toURL()); fileSize = (int) file.length(); } else { in = new URLDataSource(this.getServletContext().getResource(resourcePath)); } // B000041DA // write data to response - use UTF-8 when reading characters - // WGA resources are UTF-8 encoded writeData(in, request, response, "UTF-8", fileSize, null, true); } } catch (java.net.SocketException exc) { _log.warn("Dispatch of resource request failed bc. of socket error: " + exc.getMessage()); } catch (java.io.IOException exc) { _log.warn("Dispatch of resource request failed bc. of IO error: " + exc.getMessage()); } }
From source file:org.alfresco.web.app.servlet.BaseDownloadContentServlet.java
/** * Processes the download request using the current context i.e. no authentication checks are made, it is presumed * they have already been done.//from w w w .j a va 2s. co m * * @param req * The HTTP request * @param res * The HTTP response * @param allowLogIn * Indicates whether guest users without access to the content should be redirected to the log in page. If * <code>false</code>, a status 403 forbidden page is displayed instead. */ protected void processDownloadRequest(HttpServletRequest req, HttpServletResponse res, boolean allowLogIn, boolean transmitContent) throws ServletException, IOException { Log logger = getLogger(); String uri = req.getRequestURI(); if (logger.isDebugEnabled()) { String queryString = req.getQueryString(); logger.debug("Processing URL: " + uri + ((queryString != null && queryString.length() > 0) ? ("?" + queryString) : "")); } uri = uri.substring(req.getContextPath().length()); StringTokenizer t = new StringTokenizer(uri, "/"); int tokenCount = t.countTokens(); t.nextToken(); // skip servlet name // attachment mode (either 'attach' or 'direct') String attachToken = t.nextToken(); boolean attachment = URL_ATTACH.equals(attachToken) || URL_ATTACH_LONG.equals(attachToken); ServiceRegistry serviceRegistry = getServiceRegistry(getServletContext()); // get or calculate the noderef and filename to download as NodeRef nodeRef; String filename; // do we have a path parameter instead of a NodeRef? String path = req.getParameter(ARG_PATH); if (path != null && path.length() != 0) { // process the name based path to resolve the NodeRef and the Filename element try { PathRefInfo pathInfo = resolveNamePath(getServletContext(), path); nodeRef = pathInfo.NodeRef; filename = pathInfo.Filename; } catch (IllegalArgumentException e) { Application.handleSystemError(getServletContext(), req, res, MSG_ERROR_NOT_FOUND, HttpServletResponse.SC_NOT_FOUND, logger); return; } } else { // a NodeRef must have been specified if no path has been found if (tokenCount < 6) { throw new IllegalArgumentException("Download URL did not contain all required args: " + uri); } // assume 'workspace' or other NodeRef based protocol for remaining URL elements StoreRef storeRef = new StoreRef(URLDecoder.decode(t.nextToken()), URLDecoder.decode(t.nextToken())); String id = URLDecoder.decode(t.nextToken()); // build noderef from the appropriate URL elements nodeRef = new NodeRef(storeRef, id); if (tokenCount > 6) { // found additional relative path elements i.e. noderefid/images/file.txt // this allows a url to reference siblings nodes via a cm:name based relative path // solves the issue with opening HTML content containing relative URLs in HREF or IMG tags etc. List<String> paths = new ArrayList<String>(tokenCount - 5); while (t.hasMoreTokens()) { paths.add(URLDecoder.decode(t.nextToken())); } filename = paths.get(paths.size() - 1); try { NodeRef parentRef = serviceRegistry.getNodeService().getPrimaryParent(nodeRef).getParentRef(); FileInfo fileInfo = serviceRegistry.getFileFolderService().resolveNamePath(parentRef, paths); nodeRef = fileInfo.getNodeRef(); } catch (FileNotFoundException e) { Application.handleSystemError(getServletContext(), req, res, MSG_ERROR_NOT_FOUND, HttpServletResponse.SC_NOT_FOUND, logger); return; } } else { // filename is last remaining token filename = t.nextToken(); } } // get qualified of the property to get content from - default to ContentModel.PROP_CONTENT QName propertyQName = ContentModel.PROP_CONTENT; String property = req.getParameter(ARG_PROPERTY); if (property != null && property.length() != 0) { propertyQName = QName.createQName(property); } if (logger.isDebugEnabled()) { logger.debug("Found NodeRef: " + nodeRef); logger.debug("Will use filename: " + filename); logger.debug("For property: " + propertyQName); logger.debug("With attachment mode: " + attachment); } // get the services we need to retrieve the content NodeService nodeService = serviceRegistry.getNodeService(); ContentService contentService = serviceRegistry.getContentService(); // Check that the node still exists if (!nodeService.exists(nodeRef)) { Application.handleSystemError(getServletContext(), req, res, MSG_ERROR_NOT_FOUND, HttpServletResponse.SC_NOT_FOUND, logger); return; } try { // check that the user has at least READ_CONTENT access - else redirect to an error or login page if (!checkAccess(req, res, nodeRef, PermissionService.READ_CONTENT, allowLogIn)) { return; } // check If-Modified-Since header and set Last-Modified header as appropriate Date modified = (Date) nodeService.getProperty(nodeRef, ContentModel.PROP_MODIFIED); if (modified != null) { long modifiedSince = req.getDateHeader(HEADER_IF_MODIFIED_SINCE); if (modifiedSince > 0L) { // round the date to the ignore millisecond value which is not supplied by header long modDate = (modified.getTime() / 1000L) * 1000L; if (modDate <= modifiedSince) { if (logger.isDebugEnabled()) logger.debug("Returning 304 Not Modified."); res.setStatus(HttpServletResponse.SC_NOT_MODIFIED); return; } } res.setDateHeader(HEADER_LAST_MODIFIED, modified.getTime()); res.setHeader(HEADER_CACHE_CONTROL, "must-revalidate, max-age=0"); res.setHeader(HEADER_ETAG, "\"" + Long.toString(modified.getTime()) + "\""); } if (attachment == true) { setHeaderContentDisposition(req, res, filename); } // get the content reader ContentReader reader = contentService.getReader(nodeRef, propertyQName); // ensure that it is safe to use reader = FileContentReader.getSafeContentReader(reader, Application.getMessage(req.getSession(), MSG_ERROR_CONTENT_MISSING), nodeRef, reader); String mimetype = reader.getMimetype(); // fall back if unable to resolve mimetype property if (mimetype == null || mimetype.length() == 0) { MimetypeService mimetypeMap = serviceRegistry.getMimetypeService(); mimetype = MIMETYPE_OCTET_STREAM; int extIndex = filename.lastIndexOf('.'); if (extIndex != -1) { String ext = filename.substring(extIndex + 1); mimetype = mimetypeMap.getMimetype(ext); } } // explicitly set the content disposition header if the content is powerpoint if (!attachment && (mimetype.equals(POWER_POINT_2007_DOCUMENT_MIMETYPE) || mimetype.equals(POWER_POINT_DOCUMENT_MIMETYPE))) { setHeaderContentDisposition(req, res, filename); } // get the content and stream directly to the response output stream // assuming the repo is capable of streaming in chunks, this should allow large files // to be streamed directly to the browser response stream. res.setHeader(HEADER_ACCEPT_RANGES, "bytes"); // for a GET request, transmit the content else just the headers are sent if (transmitContent) { try { boolean processedRange = false; String range = req.getHeader(HEADER_CONTENT_RANGE); if (range == null) { range = req.getHeader(HEADER_RANGE); } if (range != null) { if (logger.isDebugEnabled()) logger.debug("Found content range header: " + range); // ensure the range header is starts with "bytes=" and process the range(s) if (range.length() > 6) { HttpRangeProcessor rangeProcessor = new HttpRangeProcessor(contentService); processedRange = rangeProcessor.processRange(res, reader, range.substring(6), nodeRef, propertyQName, mimetype, req.getHeader(HEADER_USER_AGENT)); } } if (processedRange == false) { if (logger.isDebugEnabled()) logger.debug("Sending complete file content..."); // set mimetype for the content and the character encoding for the stream res.setContentType(mimetype); res.setCharacterEncoding(reader.getEncoding()); // MNT-10642 Alfresco Explorer has javascript vulnerability opening HTML files if (req.getRequestURI().contains("/d/d/") && (mimetype.equals("text/html") || mimetype.equals("application/xhtml+xml") || mimetype.equals("text/xml"))) { String content = reader.getContentString(); if (mimetype.equals("text/html") || mimetype.equals("application/xhtml+xml")) { // process with HTML stripper content = StringUtils.stripUnsafeHTMLTags(content, false); } else if (mimetype.equals("text/xml") && mimetype.equals("text/x-component")) { // IE supports "behaviour" which means that css can load a .htc file that could // contain XSS code in the form of jscript, vbscript etc, to stop it form being // evaluated we set the contient type to text/plain res.setContentType("text/plain"); } String encoding = reader.getEncoding(); byte[] bytes = encoding != null ? content.getBytes(encoding) : content.getBytes(); res.setContentLength(bytes.length); res.getOutputStream().write(bytes); return; } // return the complete entity range long size = reader.getSize(); res.setHeader(HEADER_CONTENT_RANGE, "bytes 0-" + Long.toString(size - 1L) + "/" + Long.toString(size)); res.setHeader(HEADER_CONTENT_LENGTH, Long.toString(size)); reader.getContent(res.getOutputStream()); } } catch (SocketException e1) { // the client cut the connection - our mission was accomplished apart from a little error message if (logger.isDebugEnabled()) logger.debug("Client aborted stream read:\n\tnode: " + nodeRef + "\n\tcontent: " + reader); } catch (ContentIOException e2) { if (logger.isInfoEnabled()) logger.info("Failed stream read:\n\tnode: " + nodeRef + " due to: " + e2.getMessage()); } catch (Throwable err) { if (err.getCause() instanceof SocketException) { // the client cut the connection - our mission was accomplished apart from a little error message if (logger.isDebugEnabled()) logger.debug( "Client aborted stream read:\n\tnode: " + nodeRef + "\n\tcontent: " + reader); } else throw err; } } else { if (logger.isDebugEnabled()) logger.debug("HEAD request processed - no content sent."); res.getOutputStream().close(); } } catch (Throwable err) { throw new AlfrescoRuntimeException( "Error during download content servlet processing: " + err.getMessage(), err); } }