public boolean service(Request request, Response response, RequestHandler handler) throws IOException { String path = request.getPath(); // TAPESTRY-1322: Treat requests from the browser for a favorites icon // via the normal // servlet even if the file doesn't exist, to keep the request from // looking like a // component action request. if (path.equals("/favicon.ico")) return false; // TAPESTRY-2606: A colon in the path is frequently the case for // Tapestry event URLs, // but gives Windows fits. if (!path.contains(":")) { // We are making the questionable assumption that all files to be // vended out will contain // an extension (with a dot separator). Without this, the filter // tends to match against // folder names when we don't want it to (especially for the root // context path). int dotx = path.lastIndexOf("."); if (dotx > 0) { URL url = context.getResource(path); if (url != null) { String suffix = path.substring(dotx + 1); // We never allow access to Tapestry component templates, // even if they exist. // It is considered a security risk, like seeing a raw JSP. // Earlier alpha versions // of Tapestry required that the templates be stored in // WEB-INF. if (suffix.equalsIgnoreCase(CornerConstants.HTML_TEMPLATE_EXTENSION)) { response.sendError( HttpServletResponse.SC_FORBIDDEN, ServicesMessages.resourcesAccessForbidden(path)); return true; } return false; } } } return handler.service(request, response); }
public boolean dispatch(Request request, Response response) throws IOException { String path = request.getPath(); if (!path.startsWith(pathPrefix)) return false; logger.info("gwt path {}", path); String virtualPath = path.substring(pathPrefix.length()); return gwtScriptHandler.handleRequest(virtualPath); }
public boolean dispatch(Request request, Response response) throws IOException { /* * We need to get the Tapestry page requested by the user. So we parse * the path extracted from the request */ String path = request.getPath(); if (path.equals("")) return false; int nextslashx = path.length(); String pageName; while (true) { pageName = path.substring(1, nextslashx); if (!pageName.endsWith("/") && resolver.isPageName(pageName)) break; nextslashx = path.lastIndexOf('/', nextslashx - 1); if (nextslashx <= 1) return false; } return checkAccess(pageName, request, response); }