zydronium/google-nomulus
1
0
Fork 0
mirror of https://github.com/google/nomulus.git synced 2025-04-30 12:07:51 +02:00
Code Issues Projects Releases Packages Wiki Activity
google-nomulus/java/google/registry/request/JsonResponse.java
mcilwain aa2f283f7c Convert entire project to strict lexicographical import sort ordering 
-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=127234970
2016-07-13 15:59:53 -04:00

66 lines
2.5 KiB
Java
Raw Blame History

// Copyright 2016 The Domain Registry Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package google.registry.request;
import static com.google.common.base.Preconditions.checkNotNull;
import static com.google.common.net.HttpHeaders.CONTENT_DISPOSITION;
import static com.google.common.net.HttpHeaders.X_CONTENT_TYPE_OPTIONS;
import static com.google.common.net.MediaType.JSON_UTF_8;
import static org.json.simple.JSONValue.toJSONString;
import java.util.Map;
import javax.inject.Inject;
import org.joda.time.DateTime;
/** JSON response object. */
public class JsonResponse {
/** String prefixed to all JSON-like responses to break {@code eval()}. */
public static final String JSON_SAFETY_PREFIX = ")]}'\n";
protected final Response response;
@Inject
public JsonResponse(Response rsp) {
this.response = rsp;
}
/** @see Response#setStatus */
public void setStatus(int status) {
response.setStatus(status);
}
/** Writes the JSON map to the HTTP payload; call this exactly once. */
public void setPayload(Map<String, ?> responseMap) {
response.setContentType(JSON_UTF_8);
// This prevents IE from MIME-sniffing a response away from the declared Content-Type.
response.setHeader(X_CONTENT_TYPE_OPTIONS, "nosniff");
// This is a defense in depth that prevents browsers from trying to render the content of the
// response, even if all else fails. It's basically another anti-sniffing mechanism in the sense
// that if you hit this url directly, it would try to download the file instead of showing it.
response.setHeader(CONTENT_DISPOSITION, "attachment");
response.setPayload(JSON_SAFETY_PREFIX + toJSONString(checkNotNull(responseMap)));
}
/** @see Response#setHeader */
public void setHeader(String header, String value) {
response.setHeader(header, value);
}
/** @see Response#setDateHeader */
public void setDateHeader(String header, DateTime timestamp) {
response.setDateHeader(header, timestamp);
}
}
Reference in a new issue View git blame Copy permalink