I am creating a simple and lightweight reverse HTTP proxy and using com.sun.net.httpserver.httpserver for it.
Once the proxy is done with its work it should add few headers in request headers and forward the request to actual service, however when i add anything in request headers i get UnsupportedOperationException because it is using UnmodifiableHeaders.
Can someone tell me how to configure com.sun.net.httpserver.httpserver to use modifiable headers?
Or is there any other better yet super lightweight HTTP server which supports this?
java.lang.UnsupportedOperationException: unsupported operation
at jdk.httpserver/sun.net.httpserver.UnmodifiableHeaders.add(UnmodifiableHeaders.java:65)
at com.example.SampleFilter.lambda$addValuesInRequestHeader$1(SampleFilter.java:80)
There is no way to add/edit headers but we can use httpExchange.setAttribute() and httpExchange.getAttribute() methods to pass additional information when hopping between filters.
For adding headers to the request that we want to forward to service, we create a new http request from the original one and include attributes in headers
Related
I'm trying to handle a redirect with a Spring WebClient, using an org.apache.hc.client5.http.impl.async.HttpAsyncClient under the hood, and forward the sensitive headers in the redirect request. I see examples in previous versions that there is a way using a .followRedirect(boolean followRedirect, Consumer<HttpClientRequest> redirectRequestConsumer) configuration, but that doesn't appear to exist in the current version.
My alternative is to turn off following redirect, grab the headers and cookies in the redirect response, and then send off a second request with that information, but that seems like more of a hack than a proper solution.
Thanks!
You set it in the builder
public RequestConfig.Builder setRedirectsEnabled(boolean redirectsEnabled)
And set your RequestConfig in your RequestBuilder
See also See setRedirectStrategy
I'm implementing rate limit filter in JAX-RS application (Websphere Liberty).
Main functionality will be in request filter (implementing ContainerRequestFilter interface), so I can deny request before it reaches endpoint.
However, I would also like to add response headers at the same time (e.g. X-RateLimit-Limit) in any case.
I would like to avoid writing separate ContainerResponseFilter for this purpose because performance reasons. I have all counters loaded already in Request filter.
Is there a clean way to include response headers in request filter for inclusion down the chain?
Solved by passing data in requestContext from request to response filter.
I'm just started with Undertow.
I would like to add the header filter that only allows the request with RequestProperty like below code.
con.setRequestProperty("X-Client-Token", TOKEN);
con.setRequestProperty("X-Client-Secret", SECRET);
I have been written the method to check the header after receiving the request by using HttpServerExchange exchange after implement io.undertow.server.HttpHandler. But I need to use this method for each request after receiving.
So. It's there any other way to check and filter the header parameters in undertow without using Wildfly server. And how to do it.
Thank you.
I'm trying to use apollo-android library to communicate with graphql server. The problem is that backend uses headers to authenticate requests and I found no ways to add them. Also in auth request the token is sent in headers and I found no ways to read it from the response.
People advise to set auth headers via interceptors in OkHttpClient but this approach is not applicable in my situation because client have to send different sets of headers in different requests.
So, is there any workaround in this situation? Should I use simple rest client like Retrofit or maybe create new ApolloClient and OkHttpClient instances on each new request with desired set of headers? Or maybe there is another workarounds?
People advise to set auth headers via interceptors in OkHttpClient but this approach is not applicable in my situation because client have to send different sets of headers in different requests.
Have setter methods and fields on your interceptors that accept the varying headers. Call those setter methods prior to making an ApolloClient request that needs the headers.
Or, teach the interceptor how to apply different headers for different requests based on the request characteristics visible to the interceptor (e.g., URL).
I have a JAX-RS web service for which I would like to disable the same-origin policy via the new CORS HTTP headers. (I am fully aware of the security implications.)
I'd like to have a custom annotation that lets me set HTTP response headers. For example,
#ResponseHeaders({"Access-Control-Allow-Origin: *",
"Access-Control-Allow-Methods: GET"})
// Or, alternatively:
#AllowOrigins({"*"})
public String resourceMethod() { ... }
This approach minimizes boilerplate code, but I'm not sure if there's a subtle technical limitation; JAX-RS provides many annotations to handle the HTTP request but not the response, with #Produces seeming to be the sole exception.
I also prefer to stay away from too much web.xml configuration, if possible. Without explicitly needing to use a ResponseBuilder (it's OK if an annotation uses one), is there a clean way to set custom HTTP response headers?
To clarify, I'm looking for annotations that integrate with the various ways of setting HTTP response headers in order to minimize boilerplate code.
Perhaps the only spec driven approach is to use a custom MessageBodyWriter. In the writeTo() method, you are passed in a MultivaluedMap which you can set response headers on. You are also passed the annotations on the resource method invoked (so you can get whatever custom annotation you want). So read the annotations, set the headers via MultivaluedMap, and then use the OutputStream passed in to write the message body.
In Apache Wink and possibly other JAX-RS frameworks, you can create custom server side handlers that can also read the annotations on the resource method and do whatever you want (like setting response headers by default).