Package com.isomorphic.servlet

Class HttpProxyServlet

java.lang.Object
jakarta.servlet.GenericServlet
jakarta.servlet.http.HttpServlet
com.isomorphic.servlet.BaseServlet
com.isomorphic.servlet.HttpProxyServlet
All Implemented Interfaces:
jakarta.servlet.Servlet, jakarta.servlet.ServletConfig, Serializable
public class HttpProxyServlet extends BaseServlet
The HttpProxyServlet proxies http requests for the client (browser) - typically for web service calls where cross-domain restrictions prevent the browser from making a direct call to a particular URL. SmartClient automatically determines when a request is cross-domain and uses this servlet to make the request.

You can use a set of regular expressions to restrict the list of URLs that this servlet will proxy to. You can specify these win web.xml using the rules init-param or in a separate file. See the rules and rulesFile javadoc below. If no rules are specified, this filter will proxy to any URL requested by the client. If at least one rule is specified, then any URLs not matching the set of rules is disallowed.

See Also:

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    boolean
    acceptInvalidAndExpiredSSLCertificates
    Deprecated.
    As of release 12, replaced by sslTrustStrategy
    String
    proxyHost
    If outbound HTTP requests from this proxy must go through a proxy, you can set the hostname of the proxy server via this parameter.
    int
    proxyPort
    If outbound HTTP requests from this proxy must go through a proxy, you can set the port of the proxy server via this parameter.
    String
    redirectStrategy
    Sets the redirect strategy.
    protected List<com.isomorphic.util.RegexRule>
    rules
    You can specify rules defining the set of URLs proxyable by this servlet inline in web.xml.
    String
    rulesFile
    Specifies path to a file that contains a set of regexp rules that constrain what URLs this servlet will proxy to.
    String
    sslTrustStrategy
    Sets the SSL trust strategy.
    int
    urlCacheSize
    Specifies the size of the URLCache.
    boolean
    useURLCache
    This parameter controls whether the URLCache is enabled or not.

  • Method Summary

    Methods inherited from class com.isomorphic.servlet.BaseServlet

    handleError, handleError

  • Field Details

    • proxyHost

      public String proxyHost
      If outbound HTTP requests from this proxy must go through a proxy, you can set the hostname of the proxy server via this parameter.

      If the JVM executing this servlet can make direct HTTP connections to the relevant hosts, leave this parameter unset.

    • rulesFile

      public String rulesFile
      Specifies path to a file that contains a set of regexp rules that constrain what URLs this servlet will proxy to. The format of the rulesFile is a list of regular expressions in a JSON array. For example: 
       var rules = [
    "match:http://www.slashdot.org/",
 ];
      Note: The rulesFile path is treated as relative to webRoot.
      See Also:

    • useURLCache

      public boolean useURLCache
      This parameter controls whether the URLCache is enabled or not.

      If this servlet users regular expressions via the rulesFile, the URL Cache will cache the result of the application of relevant rules for any given URL. The URL Cache drastically speeds up subsequent rule applications at the cost of memory.

      Note: the cache is automatically disabled if there are no rules to apply. Performance: The URL cache is an LRU Map. If you're using this servlet on a large-scale site with a lot of unique URLs, you may want to tune its size via the urlCacheSize parameter to balance between memory usage and performance.

      See Also:

    • urlCacheSize

      public int urlCacheSize
      Specifies the size of the URLCache. Note that each servlet definition will have its own URLCache.

    • rules

      protected List<com.isomorphic.util.RegexRule> rules
      You can specify rules defining the set of URLs proxyable by this servlet inline in web.xml. To do so, place the rules one to a line (newline separated) under the rules init-param of this servlet. For example: 
       <servlet>
   <servlet-name>HttpProxyServlet</servlet-name>
   <servlet-class>com.isomorphic.servlet.HttpProxyServlet</servlet-class>
   <init-param>
       <param-name>rules</param-name>
       <param-value>
           match:http://www.slashdot.org/
       </param-value>
   </init-param>
 </servlet>
      Each rule consists of a type (either "match:" or "block:") followed by a regular expression. Each URL that is sent to the servlet for proxying is compared against the list of rules, and the first one that applies is used. This allows you to, for example, block certain URLs within a domain that is otherwise permitted. NOTE: The presence of rules implies that a restriction is required, so the servlet will block any URL that does not match a "match:"-type rule, as well as any URL that explicitly matches a "block:"-type rule. If you want a completely open proxy (ie, no restrictions on the URLs that can be proxied), leave rules unspecified. If you want an arrangement whereby you block certain URL patterns and allow all others through, specify a catch-all as your last rule - something like "match:|http:/|"
      See Also:

    • acceptInvalidAndExpiredSSLCertificates

      public boolean acceptInvalidAndExpiredSSLCertificates
      Deprecated.
      As of release 12, replaced by sslTrustStrategy
      If set to true, the proxy will accept invalid and expired SSL certificates from the proxied URL. If false (the default), an error is returned if the proxied URL is SSL-based and the certification is invalid or expired.

    • redirectStrategy

      public String redirectStrategy
      Sets the redirect strategy. Valid values:
      "default" - This strategy honors the restrictions on automatic redirection of entity enclosing methods such as POST and PUT imposed by the HTTP specification. 302 Moved Temporarily, 301 Moved Permanently and 307 Temporary Redirect status codes will result in an automatic redirect of HEAD and GET methods only. POST and PUT methods will not be automatically redirected as requiring user confirmation.
      "lax" - automatically redirects all HEAD, GET, POST, and DELETE requests. This strategy relaxes restrictions on automatic redirection of POST methods imposed by the HTTP specification.

    • sslTrustStrategy

      public String sslTrustStrategy
      Sets the SSL trust strategy. Valid values:
      "default" - Follows the standard JSSE certificate verification process.
      "trustSelfSigned" - A trust strategy that accepts self-signed certificates as trusted. Verification of all other certificates is done by the trust manager configured in the SSL context.
      "trustAll" - A trust strategy that accepts all certificates as trusted. This mode also disables hostname verification.

    • proxyPort

      public int proxyPort
      If outbound HTTP requests from this proxy must go through a proxy, you can set the port of the proxy server via this parameter.

      If the JVM executing this servlet can make direct HTTP connections to the relevant hosts, leave this parameter unset.