Beispiel #1
0
func (ri *RequestId) Filter(req zerver.Request, resp zerver.Response, chain zerver.FilterChain) {
	if req.Method() == "GET" {
		chain(req, resp)
		return
	}

	reqId := req.Header(ri.HeaderName)
	if reqId == "" {
		if ri.PassingOnNoId {
			chain(req, resp)
		} else {
			resp.ReportBadRequest()
			resp.Send("error", ri.Error)
		}
	} else {
		id := req.RemoteIP() + ":" + reqId
		if err := ri.Store.Save(id); err == ErrRequestIDExist {
			resp.ReportForbidden()
			resp.Send("error", ri.ErrorOverlap)
		} else if err != nil {
			ri.logger.Warnln(err)
		} else {
			chain(req, resp)
			ri.Store.Remove(id)
		}
	}
}
Beispiel #2
0
// Verify xsrf token, used as zerver.FilterFunc
//
// The reason not use "Filter" as function name is to prevent the Xsrf from used as both Component and Filter
func (x *Xsrf) Verify(req zerver.Request, resp zerver.Response, chain zerver.FilterChain) {
	if x.VerifyFor(req) {
		chain(req, resp)
	} else {
		resp.ReportBadRequest()
		resp.Send("error", x.Error)
	}
}
Beispiel #3
0
func (j JSONP) Filter(req zerver.Request, resp zerver.Response, chain zerver.FilterChain) {
	if req.Method() != "GET" {
		chain(req, resp)
		return
	}

	res, _ := req.ResourceMaster().Resource(resource.RES_JSON)
	if res == nil {
		resp.ReportNotAcceptable()
		return
	}

	callback := req.Param(string(j))
	if callback == "" {
		resp.ReportBadRequest()
		resp.Send("error", "no callback function")
		return
	}

	resp.SetContentType(resource.RES_JSON, res)
	_, err := resp.WriteString(callback)
	if err != nil {
		goto ERROR
	}
	_, err = resp.WriteString("(")
	if err != nil {
		goto ERROR
	}
	chain(req, resp)
	_, err = resp.WriteString(")")
	if err == nil {
		return
	}
ERROR:
	req.Logger().Warnln(err)
}