Package de.xima.fc.web.common.utils

Class ServletUtils

java.lang.Object
de.xima.fc.web.common.utils.ServletUtils
public final class ServletUtils extends Object

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final int
    ERR
     
    static final org.slf4j.Logger
    LOG
     

  • Method Summary

    Modifier and Type
    Method
    Description
    static void
    addCspPolicy(javax.servlet.http.HttpServletResponse res, String policy)
    Amends the Content-Security-Policy header with the given policy, preserving existing policies.
    static void
    addCspReportOnlyPolicy(javax.servlet.http.HttpServletResponse res, String policy)
    Amends the Content-Security-Policy-Report-Only header with the given policy, preserving existing policies.
    static void
    addRobotsTagHeader(javax.servlet.http.HttpServletResponse resp, String botName, ERobotsTag... tags)
    Adds a X-Robots-Tag header for all or one specific bot.
    static Object
    checkForDate(Object value)
    Falls übergebener Wert kein Datums-String im erwarteten Format ist, wird der Original-Wert zurückgegeben, ansonsten das entsprechende java.util.Date.
    static SimpleDateFormat
    dateFormatter()
     
    static int
    getIntParam(String param)
     
    static String
    getRequestTrace(javax.servlet.http.HttpServletRequest req)
    Schreibt Request-Header raus
    static int
    getUrlIntParam(javax.servlet.http.HttpServletRequest req, int idx)
    Auslesen eines Int-Parameters aus einer ServletUrl.
    static String
    getUrlParam(javax.servlet.http.HttpServletRequest req, int idx)
    Auslesen eines Parameter aus einer ServletUrl.
    static void
    logRequestTrace(javax.servlet.http.HttpServletRequest req, org.slf4j.Logger logger)
     
    static Map<String,List<String>>
    parseForMultipleParameters(javax.servlet.http.HttpServletRequest request, Long limit)
    Assumes there are no file uploads.
    static Map<String,String>
    parseForSingleParameters(javax.servlet.http.HttpServletRequest request, Long limit)
    Assumes there are no file uploads.
    static final String
    pn(String... attribs)
     
    static final String
    pn2ul(String str)
     
    static String
    readJSONFromPayLoad(InputStream is)
    InputStream in einen String umwandeln.
    static final void
    setAccessControlHeader(javax.servlet.http.HttpServletResponse resp)
    Sets the header Access-Control-Allow-Origin: *.
    static final void
    setAccessControlHeader(javax.servlet.http.HttpServletResponse resp, int deltaSeconds, String origin, boolean allowCredentials, Iterable<String> allowMethods, Iterable<String> allowHeaders, Iterable<String> exposeHeaders)
    Sets the various Access-Control-* headers on the given response.
    static final void
    setAccessControlHeader(javax.servlet.http.HttpServletResponse resp, int deltaSeconds, javax.servlet.http.HttpServletRequest req, boolean allowCredentials, Iterable<String> allowMethods, Iterable<String> allowHeaders, Iterable<String> exposeHeaders)
    Sets the various Access-Control-* headers on the given response.
    static final void
    setDefaultEncodings(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp)
     
    static final void
    setFormAccessControllHeaders(javax.servlet.http.HttpServletResponse resp)
     
    static final void
    setFormAccessControllHeaders(javax.servlet.http.HttpServletResponse resp, String allowOrigin)
     
    static void
    setFormRobotsTags(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp)
    Sets the noindex and nofollow tags when a security related parameter is present in the request (process ID , form request ID, form session ID, verify ID, verify workflow node ID, username).
    static final void
    setNoCacheHeaders(javax.servlet.http.HttpServletResponse resp)
     
    static void
    setRobotsTagHeader(javax.servlet.http.HttpServletResponse resp, String botName, ERobotsTag... tags)
    Sets the X-Robots-Tag header (overwriting all existing headers) for all or one specific bot.
    static final String
    ul2pn(String str)
     
    static javax.servlet.http.HttpServletResponse
    unwrapResponse(javax.servlet.http.HttpServletResponse response)
    Unwraps the servlet response, removing CDI proxies and all ServletResponseWrapper, returning the raw unwrapped HTTP servlet response.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Field Details

    • LOG

      public static final org.slf4j.Logger LOG

    • ERR

      public static final int ERR
      See Also:

  • Method Details

    • getRequestTrace

      public static String getRequestTrace(javax.servlet.http.HttpServletRequest req)
      Schreibt Request-Header raus

    • logRequestTrace

      public static void logRequestTrace(javax.servlet.http.HttpServletRequest req, org.slf4j.Logger logger)

    • unwrapResponse

      public static javax.servlet.http.HttpServletResponse unwrapResponse(javax.servlet.http.HttpServletResponse response)
      Unwraps the servlet response, removing CDI proxies and all ServletResponseWrapper, returning the raw unwrapped HTTP servlet response.
      Parameters:
      response - Response to unwrap.
      Returns:
      The unwrapped response.

    • getUrlParam

      public static String getUrlParam(javax.servlet.http.HttpServletRequest req, int idx)
      Auslesen eines Parameter aus einer ServletUrl. Der Index gibt die Position an, begonnen wird bei 0. Aufbau der URL: 
       web-app-url/servlet/param0/param1/...
      Parameters:
      req - HttpServletRequest mit Parameter
      idx - Index des Parameters
      Returns:
      Parameter aus HttpRequest. Wird kein Parameter gefunden wird null zurückgegeben.

    • getUrlIntParam

      public static int getUrlIntParam(javax.servlet.http.HttpServletRequest req, int idx)
      Auslesen eines Int-Parameters aus einer ServletUrl. Weitere Informationen siehe ServletUtils#getParam(req, idx)

    • getIntParam

      public static int getIntParam(String param)

    • parseForSingleParameters

      public static Map<String,String> parseForSingleParameters(javax.servlet.http.HttpServletRequest request, Long limit) throws org.apache.commons.fileupload.FileUploadException, IOException
      Assumes there are no file uploads. Reads all parameters from the request, including parameters from a multipart request. In case there are multiple values for a parameter key (eg. http://example.com?foo=bar&foo=baz), only one value is returned. Also handles the case of form encoded requests with different methods such as DELETE or PUT.
      Parameters:
      request - Request to be parsed
      limit - Limit in bytes for a multipart request. Set to 0 or null for no limit.
      Returns:
      A map of all request parameters, including form parameters from a multipart request.
      Throws:
      org.apache.commons.fileupload.FileUploadException - When the request is a multipart request and could not be parsed.
      IOException - When the body of the HTTP request could not be read.

    • parseForMultipleParameters

      public static Map<String,List<String>> parseForMultipleParameters(javax.servlet.http.HttpServletRequest request, Long limit) throws org.apache.commons.fileupload.FileUploadException, IOException
      Assumes there are no file uploads. Reads all parameters from the request, including parameters from a multipart request. Also handles the case of form encoded requests with different methods such as DELETE or PUT.
      Parameters:
      request - Request to be parsed
      limit - Limit in bytes for a multipart request. Set to 0 or null for no limit.
      Returns:
      A map of all request parameters, including form parameters from a multipart request.
      Throws:
      org.apache.commons.fileupload.FileUploadException - When the request is a multipart request and could not be parsed.
      IOException - When the body of the HTTP request could not be read.

    • readJSONFromPayLoad

      public static String readJSONFromPayLoad(InputStream is)
      InputStream in einen String umwandeln.
      Parameters:
      is - InputStream
      Returns:
      JSON-String aus InputStream, im Fehlerfall wird null zurückgegeben.

    • setDefaultEncodings

      public static final void setDefaultEncodings(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp) throws UnsupportedEncodingException
      Throws:
      UnsupportedEncodingException

    • setNoCacheHeaders

      public static final void setNoCacheHeaders(javax.servlet.http.HttpServletResponse resp)

    • addRobotsTagHeader

      public static void addRobotsTagHeader(javax.servlet.http.HttpServletResponse resp, String botName, ERobotsTag... tags)
      Adds a X-Robots-Tag header for all or one specific bot. See e.g. https://developers.google.com/search/docs/advanced/robots/robots_meta_tag for reference.
      Parameters:
      resp - Servlet response on which to set the header.
      botName - Name of the bot to which the robots tags should apply, such as googlebot, Bingbot, or Baiduspider. null or empty if they should apply to all robots.
      tags - Robots tag to set.

    • setRobotsTagHeader

      public static void setRobotsTagHeader(javax.servlet.http.HttpServletResponse resp, String botName, ERobotsTag... tags)
      Sets the X-Robots-Tag header (overwriting all existing headers) for all or one specific bot. See e.g. https://developers.google.com/search/docs/advanced/robots/robots_meta_tag for reference.
      Parameters:
      resp - Servlet response on which to set the header.
      botName - Name of the bot to which the robots tags should apply, such as googlebot, Bingbot, or Baiduspider. null or empty if they should apply to all robots.
      tags - Robots tag to set.

    • setFormAccessControllHeaders

      public static final void setFormAccessControllHeaders(javax.servlet.http.HttpServletResponse resp)

    • setFormAccessControllHeaders

      public static final void setFormAccessControllHeaders(javax.servlet.http.HttpServletResponse resp, String allowOrigin)

    • setAccessControlHeader

      public static final void setAccessControlHeader(javax.servlet.http.HttpServletResponse resp)
      Sets the header Access-Control-Allow-Origin: *.
      Parameters:
      resp - Response to process.

    • setAccessControlHeader

      public static final void setAccessControlHeader(javax.servlet.http.HttpServletResponse resp, int deltaSeconds, javax.servlet.http.HttpServletRequest req, boolean allowCredentials, Iterable<String> allowMethods, Iterable<String> allowHeaders, Iterable<String> exposeHeaders)
      Sets the various Access-Control-* headers on the given response.
      Parameters:
      resp - Response to process.
      deltaSeconds - The value for the Access-Control-Max-Age header, which indicates how long the results of a preflight request (that is the information contained in the Access-Control-Allow-Methods and Access-Control-Allow-Headers headers) can be cached. Set to a value less than 0 to not set this header.
      req - Origin to allow for the Access-Control-Allow-Origin header, uses the Origin header of the request.
      allowCredentials - When true, sets Access-Control-Allow-Credentials: true. It tells browsers whether to expose the response to the frontend JavaScript code when the request's credentials mode (Request.credentials) is include.
      allowMethods - HTTP methods for the Access-Control-Allow-Methods header, which specifies one or more methods allowed when accessing a resource in response to a preflight request.
      allowHeaders - Headers for the Access-Control-Allow-Headers header, which indicates which HTTP headers can be used during the actual request.
      exposeHeaders - Headers for the Access-Control-Expose-Headers header, which indicates which response headers should be made available to scripts running in the browser, in response to a cross-origin request.

    • setAccessControlHeader

      public static final void setAccessControlHeader(javax.servlet.http.HttpServletResponse resp, int deltaSeconds, String origin, boolean allowCredentials, Iterable<String> allowMethods, Iterable<String> allowHeaders, Iterable<String> exposeHeaders)
      Sets the various Access-Control-* headers on the given response.
      Parameters:
      resp - Response to process.
      deltaSeconds - The value for the Access-Control-Max-Age header, which indicates how long the results of a preflight request (that is the information contained in the Access-Control-Allow-Methods and Access-Control-Allow-Headers headers) can be cached. Set to a value less than 0 to not set this header.
      origin - Origin to allow for the Access-Control-Allow-Origin header. When empty or null, uses *.
      allowCredentials - When true, sets Access-Control-Allow-Credentials: true. It tells browsers whether to expose the response to the frontend JavaScript code when the request's credentials mode (Request.credentials) is include.
      allowMethods - HTTP methods for the Access-Control-Allow-Methods header, which specifies one or more methods allowed when accessing a resource in response to a preflight request.
      allowHeaders - Headers for the Access-Control-Allow-Headers header, which indicates which HTTP headers can be used during the actual request.
      exposeHeaders - Headers for the Access-Control-Expose-Headers header, which indicates which response headers should be made available to scripts running in the browser, in response to a cross-origin request.

    • pn

      public static final String pn(String... attribs)
      Returns:
      Die übergebene Attributkette in Punktnotation, bspw "attribs0.attribs1.attribs2".

    • pn2ul

      public static final String pn2ul(String str)
      Returns:
      Der übergebene String, wobei Punkte('.') mit Unterstrichen('_') erstetzt werden.

    • ul2pn

      public static final String ul2pn(String str)
      Returns:
      Der übergebene String, wobei Unterstriche('_') mit Punkten('.') erstetzt werden.

    • dateFormatter

      public static SimpleDateFormat dateFormatter()
      Returns:
      SimpleDateFormat auf Basis des Standardformats für Datumsangaben

    • checkForDate

      public static Object checkForDate(Object value)
      Falls übergebener Wert kein Datums-String im erwarteten Format ist, wird der Original-Wert zurückgegeben, ansonsten das entsprechende java.util.Date.

    • setFormRobotsTags

      public static void setFormRobotsTags(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp)
      Sets the noindex and nofollow tags when a security related parameter is present in the request (process ID , form request ID, form session ID, verify ID, verify workflow node ID, username).
      Parameters:
      req - Request that was made.
      resp - Response that is to be sent.s

    • addCspPolicy

      public static void addCspPolicy(javax.servlet.http.HttpServletResponse res, String policy)
      Amends the Content-Security-Policy header with the given policy, preserving existing policies.
      Parameters:
      res - HTTP response to which to add the policy.
      policy - Policy to add.

    • addCspReportOnlyPolicy

      public static void addCspReportOnlyPolicy(javax.servlet.http.HttpServletResponse res, String policy)
      Amends the Content-Security-Policy-Report-Only header with the given policy, preserving existing policies.
      Parameters:
      res - HTTP response to which to add the policy.
      policy - Policy to add.