1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18 package org.apache.hadoop.hbase.http;
19
20 import javax.servlet.Filter;
21 import javax.servlet.FilterChain;
22 import javax.servlet.FilterConfig;
23 import javax.servlet.ServletException;
24 import javax.servlet.ServletRequest;
25 import javax.servlet.ServletResponse;
26 import javax.servlet.http.HttpServletResponse;
27 import java.io.IOException;
28
29 import org.apache.hadoop.hbase.classification.InterfaceAudience;
30 import org.apache.hadoop.hbase.HBaseInterfaceAudience;
31
32 @InterfaceAudience.LimitedPrivate(HBaseInterfaceAudience.CONFIG)
33 public class ClickjackingPreventionFilter implements Filter {
34
35 private FilterConfig filterConfig;
36
37 @Override
38 public void init(FilterConfig filterConfig) throws ServletException {
39 this.filterConfig = filterConfig;
40 }
41
42 @Override
43 public void doFilter(ServletRequest req, ServletResponse res,
44 FilterChain chain)
45 throws IOException, ServletException {
46 HttpServletResponse httpRes = (HttpServletResponse) res;
47 httpRes.addHeader("X-Frame-Options", filterConfig.getInitParameter("xframeoptions"));
48 chain.doFilter(req, res);
49 }
50
51 @Override
52 public void destroy() {
53 }
54
55 }