Redirect to login if same Origin

author: Valerij Fredriksen <valerijf@verizonmedia.com> 2021-07-28 12:35:07 +0200
committer: Valerij Fredriksen <valerijf@verizonmedia.com> 2021-07-28 12:35:07 +0200
commit: 94997c7f5a5b92f13dad9db1e097c513225767d1 (patch)
tree: f420c783e40ec70a9d00cd6eea8f840deb25f468 /container-core
parent: 7a9ca4411702e0bc7492239ee6ad116527b1e4d2 (diff)
1 files changed, 9 insertions, 0 deletions
diff --git a/container-core/src/main/java/com/yahoo/jdisc/http/filter/util/FilterUtils.java b/container-core/src/main/java/com/yahoo/jdisc/http/filter/util/FilterUtils.java
index 285fab88dd9..1af39e2d073 100644
--- a/container-core/src/main/java/com/yahoo/jdisc/http/filter/util/FilterUtils.java
+++ b/container-core/src/main/java/com/yahoo/jdisc/http/filter/util/FilterUtils.java
@@ -27,6 +27,15 @@ public class FilterUtils {
 
     private static final ObjectMapper mapper = new ObjectMapper();
 
+    public static boolean originIsRequestHost(DiscFilterRequest request) {
+        try {
+            return Optional.ofNullable(request.getHeader("Origin"))
+                    .map(origin -> URI.create(origin).getHost().equals(request.getServerName()))
+                    .orElse(false);
+        } catch (RuntimeException ignored) { }
+        return false;
+    }
+
     public static void sendRedirectResponse(ResponseHandler handler, List<Cookie> cookies, String location) {
         Response response = createResponse(Response.Status.FOUND, cookies);
         response.headers().add("Location", location);
author	Valerij Fredriksen <valerijf@verizonmedia.com>	2021-07-28 12:35:07 +0200
committer	Valerij Fredriksen <valerijf@verizonmedia.com>	2021-07-28 12:35:07 +0200
commit	94997c7f5a5b92f13dad9db1e097c513225767d1 (patch)
tree	f420c783e40ec70a9d00cd6eea8f840deb25f468 /container-core
parent	7a9ca4411702e0bc7492239ee6ad116527b1e4d2 (diff)