Work on CORS

2016-11-17 17:10:52 +01:00 · 2016-11-17 17:10:52 +01:00 · 4ed17457dd
parent ca9223fb70
commit 4ed17457dd
7 changed files with 108 additions and 88 deletions
--- a/hapi-fhir-jpaserver-base/pom.xml
+++ b/hapi-fhir-jpaserver-base/pom.xml
@ -130,7 +130,12 @@
 			<artifactId>commons-dbcp2</artifactId>
 			<scope>test</scope>
 		</dependency>
-
+		<dependency>
+			<groupId>org.apache.tomcat</groupId>
+			<artifactId>tomcat-catalina</artifactId>
+			<scope>test</scope>
+		</dependency>
+		
 		<dependency>
 			<groupId>javax.servlet</groupId>
 			<artifactId>javax.servlet-api</artifactId>
@ -468,77 +473,13 @@
 				<skip-hib4>true</skip-hib4>
 			</properties>
 		</profile>
-			<!-- 
-		<profile>
-			<id>DIST</id>
-			<build>
-				<plugins>
-					<plugin>
-						<groupId>de.juplo</groupId>
-						<artifactId>hibernate4-maven-plugin</artifactId>
-						<configuration>
-							<force>true</force>
-							<target>SCRIPT</target>
-							<skip>${skip-hib4}</skip>
-						</configuration>
-						<dependencies>
-							<dependency>
-								<groupId>org.hibernate</groupId>
-								<artifactId>hibernate-core</artifactId>
-								<version>${hibernate_version}</version>
-							</dependency>
-						</dependencies>
-						<executions>
-							<execution>
-								<id>o10g</id>
-								<goals>
-									<goal>export</goal>
-								</goals>
-								<phase>test</phase>
-								<configuration>
-									<hibernateDialect>org.hibernate.dialect.Oracle10gDialect</hibernateDialect>
-									<outputFile>${project.build.directory}/schema_oracle_10g.sql</outputFile>
-								</configuration>
-							</execution>
-							<execution>
-								<id>derby</id>
-								<goals>
-									<goal>export</goal>
-								</goals>
-								<phase>test</phase>
-								<configuration>
-									<hibernateDialect>org.hibernate.dialect.DerbyTenSevenDialect</hibernateDialect>
-									<outputFile>${project.build.directory}/schema_derby.sql</outputFile>
-								</configuration>
-							</execution>
-							<execution>
-								<id>hsql</id>
-								<goals>
-									<goal>export</goal>
-								</goals>
-								<phase>test</phase>
-								<configuration>
-									<hibernateDialect>org.hibernate.dialect.HSQLDialect</hibernateDialect>
-									<outputFile>${project.build.directory}/schema_hsql.sql</outputFile>
-								</configuration>
-							</execution>
-							<execution>
-								<id>mysql5</id>
-								<goals>
-									<goal>export</goal>
-								</goals>
-								<phase>test</phase>
-								<configuration>
-									<hibernateDialect>org.hibernate.dialect.MySQL5Dialect</hibernateDialect>
-									<outputFile>${project.build.directory}/schema_mysql_5.sql</outputFile>
-								</configuration>
-							</execution>
-						</executions>
-					</plugin>
-				</plugins>
-			</build>
-		</profile>
-		 -->
+		<!-- <profile> <id>DIST</id> <build> <plugins> <plugin> <groupId>de.juplo</groupId> <artifactId>hibernate4-maven-plugin</artifactId> <configuration> <force>true</force> <target>SCRIPT</target> <skip>${skip-hib4}</skip> 
+			</configuration> <dependencies> <dependency> <groupId>org.hibernate</groupId> <artifactId>hibernate-core</artifactId> <version>${hibernate_version}</version> </dependency> </dependencies> <executions> 
+			<execution> <id>o10g</id> <goals> <goal>export</goal> </goals> <phase>test</phase> <configuration> <hibernateDialect>org.hibernate.dialect.Oracle10gDialect</hibernateDialect> <outputFile>${project.build.directory}/schema_oracle_10g.sql</outputFile> 
+			</configuration> </execution> <execution> <id>derby</id> <goals> <goal>export</goal> </goals> <phase>test</phase> <configuration> <hibernateDialect>org.hibernate.dialect.DerbyTenSevenDialect</hibernateDialect> 
+			<outputFile>${project.build.directory}/schema_derby.sql</outputFile> </configuration> </execution> <execution> <id>hsql</id> <goals> <goal>export</goal> </goals> <phase>test</phase> <configuration> <hibernateDialect>org.hibernate.dialect.HSQLDialect</hibernateDialect> 
+			<outputFile>${project.build.directory}/schema_hsql.sql</outputFile> </configuration> </execution> <execution> <id>mysql5</id> <goals> <goal>export</goal> </goals> <phase>test</phase> <configuration> <hibernateDialect>org.hibernate.dialect.MySQL5Dialect</hibernateDialect> 
+			<outputFile>${project.build.directory}/schema_mysql_5.sql</outputFile> </configuration> </execution> </executions> </plugin> </plugins> </build> </profile> -->
 	</profiles>

 </project>
--- a/hapi-fhir-jpaserver-base/src/test/java/ca/uhn/fhir/jpa/provider/dstu3/CorsDstu3Test.java
+++ b/hapi-fhir-jpaserver-base/src/test/java/ca/uhn/fhir/jpa/provider/dstu3/CorsDstu3Test.java
@ -0,0 +1,37 @@
+package ca.uhn.fhir.jpa.provider.dstu3;
+
+import static org.junit.Assert.assertEquals;
+
+import java.io.IOException;
+
+import org.apache.commons.io.IOUtils;
+import org.apache.http.client.methods.CloseableHttpResponse;
+import org.apache.http.client.methods.HttpGet;
+import org.junit.AfterClass;
+import org.junit.Test;
+
+import ca.uhn.fhir.util.TestUtil;
+
+public class CorsDstu3Test extends BaseResourceProviderDstu3Test {
+
+	private static final org.slf4j.Logger ourLog = org.slf4j.LoggerFactory.getLogger(CorsDstu3Test.class);
+
+	@Test
+	public void saveLocalOrigin() throws IOException {
+		HttpGet get = new HttpGet(ourServerBase + "/Patient?name=test");
+		get.addHeader("Origin", "file://");
+		CloseableHttpResponse resp = ourHttpClient.execute(get);
+		
+		ourLog.info(resp.toString());
+		
+		IOUtils.closeQuietly(resp.getEntity().getContent());
+		assertEquals(200, resp.getStatusLine().getStatusCode());
+	}
+
+
+	@AfterClass
+	public static void afterClassClearContext() {
+		TestUtil.clearAllStaticFieldsForUnitTest();
+	}
+
+}
--- a/hapi-fhir-jpaserver-uhnfhirtest/pom.xml
+++ b/hapi-fhir-jpaserver-uhnfhirtest/pom.xml
@ -164,6 +164,10 @@
 			<groupId>org.ebaysf.web</groupId>
 			<artifactId>cors-filter</artifactId>
 		</dependency>
+		<dependency>
+			<groupId>org.apache.tomcat</groupId>
+			<artifactId>tomcat-catalina</artifactId>
+		</dependency>

 	</dependencies>

--- a/hapi-fhir-structures-dstu/src/main/java/ca/uhn/fhir/rest/server/CorsTest.java
+++ b/hapi-fhir-structures-dstu/src/main/java/ca/uhn/fhir/rest/server/CorsTest.java
--- a/hapi-fhir-structures-dstu/src/test/java/ca/uhn/fhir/rest/server/CORSFilter_.java
+++ b/hapi-fhir-structures-dstu/src/test/java/ca/uhn/fhir/rest/server/CORSFilter_.java
@ -446,8 +446,6 @@ public final class CORSFilter_ implements Filter {
     *            The {@link HttpServletResponse} object.
     * @param filterChain
     *            The {@link FilterChain} object.
-     * @throws IOException
-     * @throws ServletException
     */
    public void handleInvalidCORS(final HttpServletRequest request,
            final HttpServletResponse response, final FilterChain filterChain) {
@ -594,7 +592,6 @@ public final class CORSFilter_ implements Filter {
     * Determines the request type.
     * 
     * @param request
-     * @return
     */
    public CORSRequestType checkRequestType(final HttpServletRequest request) {
        CORSRequestType requestType = CORSRequestType.INVALID_CORS;
@ -607,7 +604,7 @@ public final class CORSFilter_ implements Filter {
        if (originHeader != null) {
            if (originHeader.isEmpty()) {
                requestType = CORSRequestType.INVALID_CORS;
-            } else if ("null".equals(originHeader) == false && !isValidOrigin(originHeader)) {
+            } else if ("null".equals(originHeader) == false && "file://".equals(originHeader) == false && !isValidOrigin(originHeader)) {
                requestType = CORSRequestType.INVALID_CORS;
            } else {
                String method = request.getMethod();
@ -802,7 +799,6 @@ public final class CORSFilter_ implements Filter {
     * 
     * @param origin
     * @see <a href="http://tools.ietf.org/html/rfc952">RFC952</a>
-     * @return
     */
    public static boolean isValidOrigin(String origin) {
        // Checks for encoded characters. Helps prevent CRLF injection.
@ -843,8 +839,6 @@ public final class CORSFilter_ implements Filter {

    /**
     * Returns a {@link Set} of headers that should be exposed by browser.
-     * 
-     * @return
     */
    public Collection<String> getExposedHeaders() {
        return exposedHeaders;
@ -852,8 +846,6 @@ public final class CORSFilter_ implements Filter {

    /**
     * Determines is supports credentials is enabled
-     * 
-     * @return
     */
    public boolean isSupportsCredentials() {
        return supportsCredentials;
@ -1029,7 +1021,7 @@ public final class CORSFilter_ implements Filter {
    /**
     * {@link Collection} of HTTP methods. Case sensitive.
     * 
-     * @see http://tools.ietf.org/html/rfc2616#section-5.1.1
+     * @see <a href="http://tools.ietf.org/html/rfc2616#section-5.1.1">link</a>
     */
    public static final Collection<String> HTTP_METHODS = new HashSet<String>(
            Arrays.asList("OPTIONS", "GET", "HEAD", "POST", "PUT", "DELETE",
@ -1043,7 +1035,7 @@ public final class CORSFilter_ implements Filter {
    /**
     * {@link Collection} of Simple HTTP methods. Case sensitive.
     * 
-     * @see http://www.w3.org/TR/cors/#terminology
+     * @see <a href="http://www.w3.org/TR/cors/#terminology">link</a>
     */
    public static final Collection<String> SIMPLE_HTTP_METHODS =
            new HashSet<String>(
@ -1052,7 +1044,7 @@ public final class CORSFilter_ implements Filter {
    /**
     * {@link Collection} of Simple HTTP request headers. Case in-sensitive.
     * 
-     * @see http://www.w3.org/TR/cors/#terminology
+     * @see <a href="http://www.w3.org/TR/cors/#terminology">link</a>
     */
    public static final Collection<String> SIMPLE_HTTP_REQUEST_HEADERS =
            new HashSet<String>(Arrays.asList("Accept", "Accept-Language",
@ -1061,7 +1053,7 @@ public final class CORSFilter_ implements Filter {
    /**
     * {@link Collection} of Simple HTTP request headers. Case in-sensitive.
     * 
-     * @see http://www.w3.org/TR/cors/#terminology
+     * @see <a href="http://www.w3.org/TR/cors/#terminology">link</a>
     */
    public static final Collection<String> SIMPLE_HTTP_RESPONSE_HEADERS =
            new HashSet<String>(Arrays.asList("Cache-Control",
@ -1071,7 +1063,7 @@ public final class CORSFilter_ implements Filter {
    /**
     * {@link Collection} of Simple HTTP request headers. Case in-sensitive.
     * 
-     * @see http://www.w3.org/TR/cors/#terminology
+     * @see <a href="http://www.w3.org/TR/cors/#terminology">link</a>
     */
    public static final Collection<String> SIMPLE_HTTP_REQUEST_CONTENT_TYPE_VALUES =
            new HashSet<String>(Arrays.asList(
--- a/pom.xml
+++ b/pom.xml
@ -305,6 +305,7 @@
 		<phloc_commons_version>4.4.5</phloc_commons_version>
 		<spring_version>4.3.1.RELEASE</spring_version>
 		<thymeleaf-version>3.0.1.RELEASE</thymeleaf-version>
+		<tomcat_version>8.0.39</tomcat_version>
 		<ebay_cors_filter_version>1.0.1</ebay_cors_filter_version>
 		<xmlunit_version>1.6</xmlunit_version>

@ -516,6 +517,12 @@
 				<artifactId>wagon-scm</artifactId>
 				<version>2.10</version>
 			</dependency>
+			<dependency>
+				<groupId>org.apache.tomcat</groupId>
+				<artifactId>tomcat-catalina</artifactId>
+				<!-- Use property for version because we should refer to this from docs -->
+				<version>${tomcat_version}</version>
+			</dependency>
 			<dependency>
 				<groupId>org.apache.velocity</groupId>
 				<artifactId>velocity</artifactId>
--- a/src/site/fml/hapi-fhir-faq.fml
+++ b/src/site/fml/hapi-fhir-faq.fml
@ -41,6 +41,45 @@
 				</p>
 			</answer>
 		</faq>
+		<faq id="reporting_bugs">
+			<question>How do I report a bug?</question>
+			<answer>
+				<p>
+					We welcome bug reports, and do our best to address them quickly. Please do
+					keep in mind though that HAPI FHIR is a volunteer-run project, so we can't
+					always act immediately on every issue.
+				</p>
+				<p>
+					Before reporting a bug, please make sure what you have is actually a bug.
+					If you are unsure how to do something with HAPI, you are more likely to
+					get a helpful response on our Google Group (please see the 
+					<a href="#getting_help">"Where can I ask questions or get help"</a> above).
+				</p>
+				<p>
+					When reporting a bug, please be as descriptive as possible. It is important
+					to include details such as:
+				</p>
+				<ul>
+					<li>What you are trying to accomplish</li>
+					<li>What version of HAPI you are using (and if you are running a customized version, please mention that too)</li>
+					<li>What platform you are using (Windows/OSX/Linux Platform, OS Version, etc)</li>
+					<li>What version of Java you are using</li>
+				</ul>
+				<p>
+					Please also include any samples or other useful files that might help in
+					diagnosing the issue. This could include resources you are using 
+					for testing, build/server logs, etc. If you are concerned about privacy
+					you may also email <a href="mailto:jamesagnew@gmail.com">James</a> with 
+					these artifacts but please also file a bug and reference the ticket number.
+				</p>
+				<p>
+					Finally, if you are able to include a unit test, or even better a
+					GitHub Pull Request we will be appreciative. Actually, one more thing:
+					If you disciver that your bug was actually not a bug, please make sure
+					to put an update in the ticket and close it.
+				</p>
+			</answer>
+		</faq>
 	</part>
 	<part id="JPA Server">
 		<title>JPA Server</title>
@ -82,11 +121,11 @@
 							<a href="https://github.com/jamesagnew/hapi-fhir/blob/master/hapi-fhir-jpaserver-uhnfhirtest/src/main/java/ca/uhn/fhirtest/DerbyNetworkServer.java">here</a> 
 							and
 							an example of setting up a datasource 
-							<a href="https://github.com/jamesagnew/hapi-fhir/blob/master/hapi-fhir-jpaserver-uhnfhirtest/src/main/java/ca/uhn/fhirtest/config/TestDstu21Config.java">here</a>.
+							<a href="https://github.com/jamesagnew/hapi-fhir/blob/master/hapi-fhir-jpaserver-uhnfhirtest/src/main/java/ca/uhn/fhirtest/config/TestDstu3Config.java">here</a>.
 						</li>
 					</ul>
 				</p>
 			</answer>
 		</faq>
 	</part>
-</faqs>
+</faqs>