| | |
|---|
| | | import java.util.HashMap; |
|---|
| | | import java.util.Map; |
|---|
| | | |
|---|
| | | import com.gitblit.AvatarGenerator; |
|---|
| | | import com.gitblit.Constants; |
|---|
| | | import com.gitblit.servlet.AccessDeniedServlet; |
|---|
| | | import com.gitblit.servlet.BranchGraphServlet; |
|---|
| | |
|---|
| | | public class WebModule extends ServletModule { |
|---|
| | | |
|---|
| | | final static String ALL = "/*"; |
|---|
| | | private boolean isGO; |
|---|
| | | |
|---|
| | | public WebModule(boolean isGO) { |
|---|
| | | this.isGO=isGO; |
|---|
| | | } |
|---|
| | | |
|---|
| | | @Override |
|---|
| | | protected void configureServlets() { |
|---|
| | | |
|---|
| | | // bind web component providers |
|---|
| | | bind(AvatarGenerator.class).toProvider(AvatarGeneratorProvider.class); |
|---|
| | | |
|---|
| | | // servlets |
|---|
| | | serve(fuzzy(Constants.R_PATH), fuzzy(Constants.GIT_PATH)).with(GitServlet.class); |
|---|
| | | serve(fuzzy(Constants.RAW_PATH)).with(RawServlet.class); |
|---|
| | |
|---|
| | | serve(Constants.PT_PATH).with(PtServlet.class); |
|---|
| | | serve("/robots.txt").with(RobotsTxtServlet.class); |
|---|
| | | serve("/logo.png").with(LogoServlet.class); |
|---|
| | | if(isGO) |
|---|
| | | { |
|---|
| | | /* Prevent accidental access to 'resources' such as GitBlit java classes |
|---|
| | | * |
|---|
| | | * In the GO setup the JAR containing the application and the WAR injected |
|---|
| | | * into Jetty are the same file. However Jetty expects to serve the entire WAR |
|---|
| | | * contents, except the WEB-INF folder. Thus, all java binary classes in the |
|---|
| | | * JAR are served by default as is they were legitimate resources. |
|---|
| | | * |
|---|
| | | * The below servlet mappings prevent that behavior |
|---|
| | | */ |
|---|
| | | serve(fuzzy("/com/")).with(AccessDeniedServlet.class); |
|---|
| | | serve(fuzzy("/org/")).with(AccessDeniedServlet.class); |
|---|
| | | } |
|---|
| | | |
|---|
| | | /* Prevent accidental access to 'resources' such as GitBlit java classes |
|---|
| | | * |
|---|
| | | * In the GO setup the JAR containing the application and the WAR injected |
|---|
| | | * into Jetty are the same file. However Jetty expects to serve the entire WAR |
|---|
| | | * contents, except the WEB-INF folder. Thus, all java binary classes in the |
|---|
| | | * JAR are served by default as is they were legitimate resources. |
|---|
| | | * |
|---|
| | | * The below servlet mappings prevent that behavior |
|---|
| | | */ |
|---|
| | | serve(fuzzy("/com/")).with(AccessDeniedServlet.class); |
|---|
| | | |
|---|
| | | // global filters |
|---|
| | | filter(ALL).through(ProxyFilter.class); |
|---|
| | | filter(ALL).through(EnforceAuthenticationFilter.class); |
|---|
