2020-10-23 18:18:06 +02:00
|
|
|
package org.gcube.portlets.user.geoportaldataviewer.server;
|
|
|
|
|
2020-10-26 12:24:23 +01:00
|
|
|
import org.gcube.portlets.user.geoportaldataviewer.client.GeoportalDataViewerService;
|
2020-10-23 18:18:06 +02:00
|
|
|
import org.gcube.portlets.user.geoportaldataviewer.shared.FieldVerifier;
|
|
|
|
|
|
|
|
import com.google.gwt.user.server.rpc.RemoteServiceServlet;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* The server side implementation of the RPC service.
|
|
|
|
*/
|
|
|
|
@SuppressWarnings("serial")
|
2020-10-26 12:24:23 +01:00
|
|
|
public class GeoportalDataViewerServiceImpl extends RemoteServiceServlet implements
|
|
|
|
GeoportalDataViewerService {
|
2020-10-23 18:18:06 +02:00
|
|
|
|
|
|
|
public String greetServer(String input) throws IllegalArgumentException {
|
|
|
|
// Verify that the input is valid.
|
|
|
|
if (!FieldVerifier.isValidName(input)) {
|
|
|
|
// If the input is not valid, throw an IllegalArgumentException back to
|
|
|
|
// the client.
|
|
|
|
throw new IllegalArgumentException(
|
|
|
|
"Name must be at least 4 characters long");
|
|
|
|
}
|
|
|
|
|
|
|
|
String serverInfo = getServletContext().getServerInfo();
|
|
|
|
String userAgent = getThreadLocalRequest().getHeader("User-Agent");
|
|
|
|
|
|
|
|
// Escape data from the client to avoid cross-site script vulnerabilities.
|
|
|
|
input = escapeHtml(input);
|
|
|
|
userAgent = escapeHtml(userAgent);
|
|
|
|
|
|
|
|
return "Hello, " + input + "!<br><br>I am running " + serverInfo
|
|
|
|
+ ".<br><br>It looks like you are using:<br>" + userAgent;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Escape an html string. Escaping data received from the client helps to
|
|
|
|
* prevent cross-site script vulnerabilities.
|
|
|
|
*
|
|
|
|
* @param html the html string to escape
|
|
|
|
* @return the escaped string
|
|
|
|
*/
|
|
|
|
private String escapeHtml(String html) {
|
|
|
|
if (html == null) {
|
|
|
|
return null;
|
|
|
|
}
|
|
|
|
return html.replaceAll("&", "&").replaceAll("<", "<").replaceAll(
|
|
|
|
">", ">");
|
|
|
|
}
|
|
|
|
}
|