forked from I2P_Developers/i2p.i2p
Servlets: Add Accept-Ranges headers
This commit is contained in:
@ -384,12 +384,14 @@ class BasicServlet extends HttpServlet
|
||||
if (lml > 0)
|
||||
response.setDateHeader("Last-Modified",lml);
|
||||
|
||||
if (count != -1)
|
||||
{
|
||||
if (count<Integer.MAX_VALUE)
|
||||
if (count != -1) {
|
||||
if (count <= Integer.MAX_VALUE)
|
||||
response.setContentLength((int)count);
|
||||
else
|
||||
response.setHeader("Content-Length", Long.toString(count));
|
||||
response.setHeader("Accept-Ranges", "bytes");
|
||||
} else {
|
||||
response.setHeader("Accept-Ranges", "none");
|
||||
}
|
||||
|
||||
long ct = content.getCacheTime();
|
||||
|
||||
@ -404,6 +404,7 @@ public class I2PSnarkServlet extends BasicServlet {
|
||||
resp.setHeader("X-XSS-Protection", "1; mode=block");
|
||||
resp.setHeader("X-Content-Type-Options", "nosniff");
|
||||
resp.setHeader("Referrer-Policy", "no-referrer");
|
||||
resp.setHeader("Accept-Ranges", "none");
|
||||
}
|
||||
|
||||
private void writeMessages(PrintWriter out, boolean isConfigure, String peerString) throws IOException {
|
||||
|
||||
@ -7,6 +7,7 @@
|
||||
response.setHeader("X-XSS-Protection", "1; mode=block");
|
||||
response.setHeader("X-Content-Type-Options", "nosniff");
|
||||
response.setHeader("Referrer-Policy", "no-referrer");
|
||||
response.setHeader("Accept-Ranges", "none");
|
||||
|
||||
%><%@page pageEncoding="UTF-8"
|
||||
%><%@page trimDirectiveWhitespaces="true"
|
||||
|
||||
@ -10,6 +10,7 @@
|
||||
response.setHeader("X-XSS-Protection", "1; mode=block");
|
||||
response.setHeader("X-Content-Type-Options", "nosniff");
|
||||
response.setHeader("Referrer-Policy", "no-referrer");
|
||||
response.setHeader("Accept-Ranges", "none");
|
||||
|
||||
%><%@page pageEncoding="UTF-8"
|
||||
%><%@page trimDirectiveWhitespaces="true"
|
||||
|
||||
@ -6,6 +6,7 @@
|
||||
response.setHeader("X-XSS-Protection", "1; mode=block");
|
||||
response.setHeader("X-Content-Type-Options", "nosniff");
|
||||
response.setHeader("Referrer-Policy", "no-referrer");
|
||||
response.setHeader("Accept-Ranges", "none");
|
||||
|
||||
%><%@page pageEncoding="UTF-8"
|
||||
%><%@page contentType="text/html" import="java.io.InputStream,net.i2p.i2ptunnel.web.EditBean,net.i2p.servlet.RequestWrapper,net.i2p.client.I2PSessionException,net.i2p.client.naming.HostTxtEntry,net.i2p.data.PrivateKeyFile,net.i2p.data.SigningPrivateKey,net.i2p.util.OrderedProperties"
|
||||
|
||||
@ -10,6 +10,7 @@
|
||||
response.setHeader("X-XSS-Protection", "1; mode=block");
|
||||
response.setHeader("X-Content-Type-Options", "nosniff");
|
||||
response.setHeader("Referrer-Policy", "no-referrer");
|
||||
response.setHeader("Accept-Ranges", "none");
|
||||
|
||||
%><%@page pageEncoding="UTF-8"
|
||||
%><%@page contentType="text/html" import="net.i2p.i2ptunnel.web.EditBean"
|
||||
|
||||
@ -167,6 +167,7 @@ public class IdenticonServlet extends HttpServlet {
|
||||
// return image bytes to requester
|
||||
response.setContentType(IDENTICON_IMAGE_MIMETYPE);
|
||||
response.setHeader("X-Content-Type-Options", "nosniff");
|
||||
response.setHeader("Accept-Ranges", "none");
|
||||
response.setContentLength(imageBytes.length);
|
||||
response.getOutputStream().write(imageBytes);
|
||||
}
|
||||
|
||||
@ -193,6 +193,7 @@ public class QRServlet extends HttpServlet {
|
||||
// return image bytes to requester
|
||||
response.setContentType(IDENTICON_IMAGE_MIMETYPE);
|
||||
response.setHeader("X-Content-Type-Options", "nosniff");
|
||||
response.setHeader("Accept-Ranges", "none");
|
||||
response.setContentLength(imageBytes.length);
|
||||
response.getOutputStream().write(imageBytes);
|
||||
}
|
||||
|
||||
@ -63,6 +63,7 @@ public class RandomArtServlet extends HttpServlet {
|
||||
response.setCharacterEncoding("UTF-8");
|
||||
}
|
||||
response.setHeader("X-Content-Type-Options", "nosniff");
|
||||
response.setHeader("Accept-Ranges", "none");
|
||||
buf.append(RandomArt.gnutls_key_fingerprint_randomart(h.getData(), "SHA", 256, "", true, html));
|
||||
if (html)
|
||||
buf.append("</body></html>");
|
||||
|
||||
@ -43,6 +43,7 @@ public class CodedIconRendererServlet extends HttpServlet {
|
||||
|
||||
srs.setContentType("image/png");
|
||||
srs.setHeader("X-Content-Type-Options", "nosniff");
|
||||
srs.setHeader("Accept-Ranges", "none");
|
||||
srs.setDateHeader("Expires", I2PAppContext.getGlobalContext().clock().now() + 86400000l);
|
||||
srs.setHeader("Cache-Control", "public, max-age=86400");
|
||||
OutputStream os = srs.getOutputStream();
|
||||
|
||||
@ -29,6 +29,8 @@
|
||||
<jsp:setProperty name="intl" property="contextId" value="<%=(String)session.getAttribute(\"i2p.contextId\")%>" />
|
||||
<link rel="icon" href="<%=intl.getTheme(request.getHeader("User-Agent"))%>images/favicon.ico">
|
||||
<%
|
||||
response.setHeader("Accept-Ranges", "none");
|
||||
|
||||
// clickjacking
|
||||
if (intl.shouldSendXFrame()) {
|
||||
response.setHeader("X-Frame-Options", "SAMEORIGIN");
|
||||
|
||||
@ -17,6 +17,7 @@ try {
|
||||
}
|
||||
try {
|
||||
response.setDateHeader("Expires", 0);
|
||||
response.setHeader("Accept-Ranges", "none");
|
||||
response.addHeader("Cache-Control", "no-store, max-age=0, no-cache, must-revalidate");
|
||||
response.addHeader("Pragma", "no-cache");
|
||||
String name = "family-" + family + "-secret.crt";
|
||||
|
||||
@ -44,6 +44,7 @@ if (c != null &&
|
||||
if (length > 0)
|
||||
response.setHeader("Content-Length", Long.toString(length));
|
||||
response.setContentType("image/png");
|
||||
response.setHeader("Accept-Ranges", "none");
|
||||
try {
|
||||
net.i2p.util.FileUtil.readFile(file, base, cout);
|
||||
} catch (java.io.IOException ioe) {
|
||||
|
||||
@ -8,6 +8,7 @@
|
||||
*/
|
||||
response.setContentType("text/plain");
|
||||
response.setHeader("X-Content-Type-Options", "nosniff");
|
||||
response.setHeader("Accept-Ranges", "none");
|
||||
response.setDateHeader("Expires", 0);
|
||||
response.addHeader("Cache-Control", "no-store, max-age=0, no-cache, must-revalidate");
|
||||
response.addHeader("Pragma", "no-cache");
|
||||
|
||||
@ -16,6 +16,7 @@ if (length <= 0 || !f.isFile()) {
|
||||
} else {
|
||||
response.setContentType("text/plain");
|
||||
response.setHeader("X-Content-Type-Options", "nosniff");
|
||||
response.setHeader("Accept-Ranges", "none");
|
||||
response.setHeader("Content-Length", Long.toString(length));
|
||||
response.setDateHeader("Expires", 0);
|
||||
response.addHeader("Cache-Control", "no-store, max-age=0, no-cache, must-revalidate");
|
||||
|
||||
@ -45,6 +45,7 @@ if ( !rendered && ((rs != null) || fakeBw) ) {
|
||||
response.setContentType("image/png");
|
||||
// very brief 45 sec expire
|
||||
response.setDateHeader("Expires", net.i2p.I2PAppContext.getGlobalContext().clock().now() + (45*1000));
|
||||
response.setHeader("Accept-Ranges", "none");
|
||||
// http://jira.codehaus.org/browse/JETTY-1346
|
||||
// This doesn't actually appear in the response, but it fixes the problem,
|
||||
// so Jetty must look for this header and close the connection.
|
||||
|
||||
@ -21,6 +21,7 @@ if (uri.endsWith(".css")) {
|
||||
} else if (uri.endsWith(".svg")) {
|
||||
response.setContentType("image/svg+xml");
|
||||
}
|
||||
response.setHeader("Accept-Ranges", "none");
|
||||
response.setHeader("X-Content-Type-Options", "nosniff");
|
||||
/*
|
||||
* User or plugin themes
|
||||
|
||||
@ -15,6 +15,7 @@ if (length <= 0 || !f.isFile()) {
|
||||
response.setContentType("text/plain");
|
||||
response.setHeader("X-Content-Type-Options", "nosniff");
|
||||
response.setHeader("Content-Length", Long.toString(length));
|
||||
response.setHeader("Accept-Ranges", "none");
|
||||
response.setDateHeader("Expires", 0);
|
||||
response.addHeader("Cache-Control", "no-store, max-age=0, no-cache, must-revalidate");
|
||||
response.addHeader("Pragma", "no-cache");
|
||||
|
||||
@ -32,6 +32,7 @@
|
||||
response.setHeader("X-XSS-Protection", "1; mode=block");
|
||||
response.setHeader("X-Content-Type-Options", "nosniff");
|
||||
response.setHeader("Referrer-Policy", "no-referrer");
|
||||
response.setHeader("Accept-Ranges", "none");
|
||||
|
||||
%>
|
||||
<%@page pageEncoding="UTF-8"%>
|
||||
|
||||
@ -32,6 +32,7 @@
|
||||
response.setHeader("X-XSS-Protection", "1; mode=block");
|
||||
response.setHeader("X-Content-Type-Options", "nosniff");
|
||||
response.setHeader("Referrer-Policy", "no-referrer");
|
||||
response.setHeader("Accept-Ranges", "none");
|
||||
|
||||
%>
|
||||
<%@page pageEncoding="UTF-8"%>
|
||||
|
||||
@ -29,6 +29,7 @@
|
||||
response.setHeader("X-XSS-Protection", "1; mode=block");
|
||||
response.setHeader("X-Content-Type-Options", "nosniff");
|
||||
response.setHeader("Referrer-Policy", "no-referrer");
|
||||
response.setHeader("Accept-Ranges", "none");
|
||||
|
||||
%>
|
||||
<%@page pageEncoding="UTF-8"%>
|
||||
|
||||
@ -24,6 +24,7 @@
|
||||
if (request.getCharacterEncoding() == null)
|
||||
request.setCharacterEncoding("UTF-8");
|
||||
response.setHeader("X-Content-Type-Options", "nosniff");
|
||||
response.setHeader("Accept-Ranges", "none");
|
||||
%>
|
||||
<%@page pageEncoding="UTF-8"%>
|
||||
<%@page trimDirectiveWhitespaces="true"%>
|
||||
|
||||
@ -32,6 +32,7 @@
|
||||
response.setHeader("X-XSS-Protection", "1; mode=block");
|
||||
response.setHeader("X-Content-Type-Options", "nosniff");
|
||||
response.setHeader("Referrer-Policy", "no-referrer");
|
||||
response.setHeader("Accept-Ranges", "none");
|
||||
|
||||
%>
|
||||
<%@page pageEncoding="UTF-8"%>
|
||||
|
||||
@ -32,6 +32,7 @@
|
||||
response.setHeader("X-XSS-Protection", "1; mode=block");
|
||||
response.setHeader("X-Content-Type-Options", "nosniff");
|
||||
response.setHeader("Referrer-Policy", "no-referrer");
|
||||
response.setHeader("Accept-Ranges", "none");
|
||||
|
||||
%>
|
||||
<%@page pageEncoding="UTF-8"%>
|
||||
|
||||
@ -1911,6 +1911,7 @@ public class WebMail extends HttpServlet
|
||||
response.setHeader("X-XSS-Protection", "1; mode=block");
|
||||
response.setHeader("X-Content-Type-Options", "nosniff");
|
||||
response.setHeader("Referrer-Policy", "no-referrer");
|
||||
response.setHeader("Accept-Ranges", "none");
|
||||
RequestWrapper request = new RequestWrapper( httpRequest );
|
||||
|
||||
SessionObject sessionObject = null;
|
||||
|
||||
Reference in New Issue
Block a user