From 4fdab71c8d05249778a567349fc3340be3841c43 Mon Sep 17 00:00:00 2001 From: Marck Date: Mon, 1 Nov 2010 13:52:39 +0100 Subject: Add support for cross-domain AJAX requests to REST console. Enables RemoteConsole to add the appropriate HTTP header when responding to requests that use Cross-Origin Resource Sharing (CORS with simple requests). The allowed origin is set with configuration option "ConsoleAllowedOrigin" in section [Network]. For a suggestion to make this configuration option more flexible, see the TODO comment in the source code. The WifiConsole uses this functionality with grid mode. --- OpenSim/Framework/Console/RemoteConsole.cs | 31 ++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) (limited to 'OpenSim/Framework') diff --git a/OpenSim/Framework/Console/RemoteConsole.cs b/OpenSim/Framework/Console/RemoteConsole.cs index 7eb289b..07de27a 100644 --- a/OpenSim/Framework/Console/RemoteConsole.cs +++ b/OpenSim/Framework/Console/RemoteConsole.cs @@ -32,6 +32,7 @@ using System.Collections.Generic; using System.Diagnostics; using System.Reflection; using System.Text; +using System.Text.RegularExpressions; using System.Threading; using OpenMetaverse; using Nini.Config; @@ -62,6 +63,7 @@ namespace OpenSim.Framework.Console new Dictionary(); private string m_UserName = String.Empty; private string m_Password = String.Empty; + private string m_AllowedOrigin = String.Empty; public RemoteConsole(string defaultPrompt) : base(defaultPrompt) { @@ -77,6 +79,7 @@ namespace OpenSim.Framework.Console m_UserName = netConfig.GetString("ConsoleUser", String.Empty); m_Password = netConfig.GetString("ConsolePass", String.Empty); + m_AllowedOrigin = netConfig.GetString("ConsoleAllowedOrigin", String.Empty); } public void SetServer(IHttpServer server) @@ -150,6 +153,29 @@ namespace OpenSim.Framework.Console return cmdinput; } + private Hashtable CheckOrigin(Hashtable result) + { + if (!string.IsNullOrEmpty(m_AllowedOrigin)) + result["access_control_allow_origin"] = m_AllowedOrigin; + return result; + } + /* TODO: Figure out how PollServiceHTTPHandler can access the request headers + * in order to use m_AllowedOrigin as a regular expression + private Hashtable CheckOrigin(Hashtable headers, Hashtable result) + { + if (!string.IsNullOrEmpty(m_AllowedOrigin)) + { + if (headers.ContainsKey("origin")) + { + string origin = headers["origin"].ToString(); + if (Regex.IsMatch(origin, m_AllowedOrigin)) + result["access_control_allow_origin"] = origin; + } + } + return result; + } + */ + private void DoExpire() { List expired = new List(); @@ -235,6 +261,7 @@ namespace OpenSim.Framework.Console reply["str_response_string"] = xmldoc.InnerXml; reply["int_response_code"] = 200; reply["content_type"] = "text/xml"; + reply = CheckOrigin(reply); return reply; } @@ -289,6 +316,7 @@ namespace OpenSim.Framework.Console reply["str_response_string"] = xmldoc.InnerXml; reply["int_response_code"] = 200; reply["content_type"] = "text/xml"; + reply = CheckOrigin(reply); return reply; } @@ -344,6 +372,7 @@ namespace OpenSim.Framework.Console reply["str_response_string"] = xmldoc.InnerXml; reply["int_response_code"] = 200; reply["content_type"] = "text/xml"; + reply = CheckOrigin(reply); return reply; } @@ -457,6 +486,7 @@ namespace OpenSim.Framework.Console result["content_type"] = "application/xml"; result["keepalive"] = false; result["reusecontext"] = false; + result = CheckOrigin(result); return result; } @@ -480,6 +510,7 @@ namespace OpenSim.Framework.Console result["content_type"] = "text/xml"; result["keepalive"] = false; result["reusecontext"] = false; + result = CheckOrigin(result); return result; } -- cgit v1.1