Package net.i2p.router.web
Class HostCheckHandler
- java.lang.Object
-
- org.eclipse.jetty.util.component.AbstractLifeCycle
-
- org.eclipse.jetty.util.component.ContainerLifeCycle
-
- org.eclipse.jetty.server.handler.AbstractHandler
-
- org.eclipse.jetty.server.handler.AbstractHandlerContainer
-
- org.eclipse.jetty.server.handler.HandlerWrapper
-
- org.eclipse.jetty.server.handler.gzip.GzipHandler
-
- net.i2p.router.web.HostCheckHandler
-
- All Implemented Interfaces:
Handler,org.eclipse.jetty.server.handler.gzip.GzipFactory,HandlerContainer,Container,Destroyable,Dumpable,LifeCycle
public class HostCheckHandler extends org.eclipse.jetty.server.handler.gzip.GzipHandlerBlock certain Host headers to prevent DNS rebinding attacks. This Handler wraps the ContextHandlerCollection, which handles all the webapps (not just routerconsole). Therefore, this protects all the webapps.- Since:
- 0.9.32
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle
AbstractLifeCycle.AbstractLifeCycleListener
-
Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.Container
Container.InheritedListener, Container.Listener
-
Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.LifeCycle
LifeCycle.Listener
-
-
Field Summary
-
Fields inherited from class org.eclipse.jetty.server.handler.gzip.GzipHandler
DEFAULT_MIN_GZIP_SIZE, DEFLATE, GZIP
-
Fields inherited from class org.eclipse.jetty.server.handler.HandlerWrapper
_handler
-
Fields inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle
FAILED, RUNNING, STARTED, STARTING, STOP_ON_FAILURE, STOPPED, STOPPING
-
-
Constructor Summary
Constructors Constructor Description HostCheckHandler(I2PAppContext ctx)MUST call setListenHosts() afterwards.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description voidhandle(String pathInContext, Request baseRequest, HttpServletRequest httpRequest, HttpServletResponse httpResponse)Block by Host header, redirect HTTP to HTTPS, pass everything else to the delegate.voidsetListenHosts(Set<String> hosts)Set the legal hosts.-
Methods inherited from class org.eclipse.jetty.server.handler.gzip.GzipHandler
addExcludedAgentPatterns, addExcludedMethods, addExcludedMimeTypes, addExcludedPaths, addIncludedAgentPatterns, addIncludedMethods, addIncludedMimeTypes, addIncludedPaths, doStart, getCheckGzExists, getCompressionLevel, getDeflater, getDispatcherTypes, getExcludedAgentPatterns, getExcludedMethods, getExcludedMimeTypes, getExcludedPaths, getIncludedAgentPatterns, getIncludedMethods, getIncludedMimeTypes, getIncludedPaths, getMethods, getMinGzipSize, getVaryField, isAgentGzipable, isMimeTypeGzipable, isPathGzipable, isSyncFlush, recycle, setCheckGzExists, setCompressionLevel, setDispatcherTypes, setDispatcherTypes, setExcludedAgentPatterns, setExcludedMethods, setExcludedMimeTypes, setExcludedPaths, setIncludedAgentPatterns, setIncludedMethods, setIncludedMimeTypes, setIncludedPaths, setMinGzipSize, setSyncFlush
-
Methods inherited from class org.eclipse.jetty.server.handler.HandlerWrapper
destroy, expandChildren, getHandler, getHandlers, insertHandler, setHandler
-
Methods inherited from class org.eclipse.jetty.server.handler.AbstractHandlerContainer
expandHandler, findContainerOf, getChildHandlerByClass, getChildHandlers, getChildHandlersByClass, setServer
-
Methods inherited from class org.eclipse.jetty.server.handler.AbstractHandler
doStop, dumpThis, getServer
-
Methods inherited from class org.eclipse.jetty.util.component.ContainerLifeCycle
addBean, addBean, addBean, addEventListener, addManaged, contains, dump, dump, dump, dump, dump, dumpBeans, dumpObject, dumpStdErr, getBean, getBeans, getBeans, isManaged, manage, removeBean, removeBeans, removeEventListener, setBeans, setStopTimeout, start, stop, unmanage, updateBean, updateBean, updateBeans
-
Methods inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle
addLifeCycleListener, getState, getState, getStopTimeout, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, stop
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.eclipse.jetty.util.component.LifeCycle
addLifeCycleListener, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, stop
-
-
-
-
Constructor Detail
-
HostCheckHandler
public HostCheckHandler(I2PAppContext ctx)
MUST call setListenHosts() afterwards.
-
-
Method Detail
-
setListenHosts
public void setListenHosts(Set<String> hosts)
Set the legal hosts. Not synched. Call this BEFORE starting. If empty, all are allowed.- Parameters:
hosts- contains hostnames or IPs. But we allow all IPs anyway.
-
handle
public void handle(String pathInContext, Request baseRequest, HttpServletRequest httpRequest, HttpServletResponse httpResponse) throws IOException, ServletException
Block by Host header, redirect HTTP to HTTPS, pass everything else to the delegate.- Specified by:
handlein interfaceHandler- Overrides:
handlein classorg.eclipse.jetty.server.handler.gzip.GzipHandler- Throws:
IOExceptionServletException
-
-