Interface to HTTP response.
More...
#include <xmltooling/io/HTTPResponse.h>
|
enum | samesite_t { SAMESITE_ABSENT = 0
, SAMESITE_NONE = 1
, SAMESITE_LAX = 2
, SAMESITE_STRICT = 3
} |
| Cookie SameSite values.
|
|
enum | status_t {
XMLTOOLING_HTTP_STATUS_OK = 200
, XMLTOOLING_HTTP_STATUS_MOVED = 302
, XMLTOOLING_HTTP_STATUS_NOTMODIFIED = 304
, XMLTOOLING_HTTP_STATUS_BADREQUEST = 400
,
XMLTOOLING_HTTP_STATUS_UNAUTHORIZED = 401
, XMLTOOLING_HTTP_STATUS_FORBIDDEN = 403
, XMLTOOLING_HTTP_STATUS_NOTFOUND = 404
, XMLTOOLING_HTTP_STATUS_ERROR = 500
} |
| Some common HTTP status codes.
|
|
|
void | setContentType (const char *type) |
| Sets or clears the MIME type of the response.
|
|
virtual void | setResponseHeader (const char *name, const char *value, bool replace=false) |
| Sets, adds, or clears a response header.
|
|
virtual void | setCookie (const char *name, const char *value, time_t expires, samesite_t sameSiteValue, bool sameSiteFallback) |
| Sets or unsets a client cookie.
|
|
virtual void | setCookie (const char *name, const char *value, time_t expires=0, samesite_t sameSiteValue=SAMESITE_ABSENT) |
| Sets or unsets a client cookie.
|
|
virtual long | sendRedirect (const char *url) |
| Redirect the client to the specified URL and complete the response.
|
|
long | sendError (std::istream &inputStream) |
| Sends an "error" response to the client along with a transport-specific error indication.
|
|
long | sendResponse (std::istream &inputStream) |
| Sends a completed response to the client along with a transport-specific "OK" indication.
|
|
virtual long | sendResponse (std::istream &inputStream, long status)=0 |
| Sends a completed response to the client.
|
|
|
static std::vector< std::string > & | getAllowedSchemes () |
| Returns a modifiable array of schemes to permit in sanitized URLs.
|
|
static void | sanitizeURL (const char *url) |
| Manually check for unsafe URLs vulnerable to injection attacks.
|
|
Interface to HTTP response.
To supply information to the surrounding web server environment, a shim must be supplied in the form of this interface to adapt the library to different proprietary server APIs.
This interface need not be threadsafe.
◆ getAllowedSchemes()
static std::vector< std::string > & xmltooling::HTTPResponse::getAllowedSchemes |
( |
| ) |
|
|
static |
Returns a modifiable array of schemes to permit in sanitized URLs.
Updates to this array must be externally synchronized with any use of this class or its subclasses.
- Returns
- a mutable array of strings containing the schemes to permit
◆ sanitizeURL()
static void xmltooling::HTTPResponse::sanitizeURL |
( |
const char * | url | ) |
|
|
static |
Manually check for unsafe URLs vulnerable to injection attacks.
- Parameters
-
◆ sendError()
long xmltooling::HTTPResponse::sendError |
( |
std::istream & | inputStream | ) |
|
|
virtual |
Sends an "error" response to the client along with a transport-specific error indication.
- Parameters
-
inputStream | reference to source of response data |
- Returns
- a result code to return from the calling MessageEncoder
Implements xmltooling::GenericResponse.
◆ sendRedirect()
virtual long xmltooling::HTTPResponse::sendRedirect |
( |
const char * | url | ) |
|
|
virtual |
Redirect the client to the specified URL and complete the response.
Any headers previously set will be sent ahead of the redirect.
The URL will be validated with the sanitizeURL method below.
- Parameters
-
url | location to redirect client |
- Returns
- a result code to return from the calling MessageEncoder
◆ sendResponse() [1/2]
long xmltooling::HTTPResponse::sendResponse |
( |
std::istream & | inputStream | ) |
|
|
virtual |
Sends a completed response to the client along with a transport-specific "OK" indication.
Used for "normal" responses.
- Parameters
-
inputStream | reference to source of response data |
- Returns
- a result code to return from the calling MessageEncoder
Implements xmltooling::GenericResponse.
◆ sendResponse() [2/2]
virtual long xmltooling::GenericResponse::sendResponse |
( |
std::istream & | inputStream, |
|
|
long | status ) |
|
virtual |
Sends a completed response to the client.
- Parameters
-
inputStream | reference to source of response data |
status | transport-specific status to return |
- Returns
- a result code to return from the calling MessageEncoder
Implements xmltooling::GenericResponse.
◆ setContentType()
void xmltooling::HTTPResponse::setContentType |
( |
const char * | type | ) |
|
|
virtual |
Sets or clears the MIME type of the response.
- Parameters
-
type | the MIME type, or nullptr to clear |
Implements xmltooling::GenericResponse.
◆ setCookie() [1/2]
virtual void xmltooling::HTTPResponse::setCookie |
( |
const char * | name, |
|
|
const char * | value, |
|
|
time_t | expires, |
|
|
samesite_t | sameSiteValue, |
|
|
bool | sameSiteFallback ) |
|
virtual |
Sets or unsets a client cookie.
The boolean flag enables the workaround for older clients with broken SameSite support by setting a second cookie with a decorated name that would not carry the SameSite flag.
- Parameters
-
name | cookie name |
value | value to set, or nullptr to clear |
expires | optional expiration time for the cookie, 0 means session |
sameSiteValue | the SameSite value to apply to the cookie |
sameSiteFallback | enables setting of a fallback cookie |
◆ setCookie() [2/2]
virtual void xmltooling::HTTPResponse::setCookie |
( |
const char * | name, |
|
|
const char * | value, |
|
|
time_t | expires = 0, |
|
|
samesite_t | sameSiteValue = SAMESITE_ABSENT ) |
|
virtual |
Sets or unsets a client cookie.
Now defaults to calling the new version with a false flag.
- Parameters
-
name | cookie name |
value | value to set, or nullptr to clear |
expires | optional expiration time for the cookie, 0 means session |
sameSiteValue | the SameSite value to apply to the cookie |
◆ setResponseHeader()
virtual void xmltooling::HTTPResponse::setResponseHeader |
( |
const char * | name, |
|
|
const char * | value, |
|
|
bool | replace = false ) |
|
virtual |
Sets, adds, or clears a response header.
- Parameters
-
name | header name |
value | value to set, or nullptr to clear |
replace | true iff this should replace existing header(s) |
The documentation for this class was generated from the following file: