From 94997c7f5a5b92f13dad9db1e097c513225767d1 Mon Sep 17 00:00:00 2001
From: Valerij Fredriksen <valerijf@verizonmedia.com>
Date: Wed, 28 Jul 2021 12:35:07 +0200
Subject: Redirect to login if same Origin

---
 .../main/java/com/yahoo/jdisc/http/filter/util/FilterUtils.java  | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'container-core')

diff --git a/container-core/src/main/java/com/yahoo/jdisc/http/filter/util/FilterUtils.java b/container-core/src/main/java/com/yahoo/jdisc/http/filter/util/FilterUtils.java
index 285fab88dd9..1af39e2d073 100644
--- a/container-core/src/main/java/com/yahoo/jdisc/http/filter/util/FilterUtils.java
+++ b/container-core/src/main/java/com/yahoo/jdisc/http/filter/util/FilterUtils.java
@@ -27,6 +27,15 @@ public class FilterUtils {
 
     private static final ObjectMapper mapper = new ObjectMapper();
 
+    public static boolean originIsRequestHost(DiscFilterRequest request) {
+        try {
+            return Optional.ofNullable(request.getHeader("Origin"))
+                    .map(origin -> URI.create(origin).getHost().equals(request.getServerName()))
+                    .orElse(false);
+        } catch (RuntimeException ignored) { }
+        return false;
+    }
+
     public static void sendRedirectResponse(ResponseHandler handler, List<Cookie> cookies, String location) {
         Response response = createResponse(Response.Status.FOUND, cookies);
         response.headers().add("Location", location);
-- 
cgit v1.2.3