diff options
| -rw-r--r-- | java/com/google/gerrit/httpd/XsrfCookieFilter.java | 8 | ||||
| -rw-r--r-- | java/com/google/gerrit/httpd/raw/StaticModule.java | 47 |
2 files changed, 31 insertions, 24 deletions
diff --git a/java/com/google/gerrit/httpd/XsrfCookieFilter.java b/java/com/google/gerrit/httpd/XsrfCookieFilter.java index d15ecacd59..079efa4023 100644 --- a/java/com/google/gerrit/httpd/XsrfCookieFilter.java +++ b/java/com/google/gerrit/httpd/XsrfCookieFilter.java @@ -32,6 +32,7 @@ import javax.servlet.ServletResponse; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.eclipse.jgit.http.server.GitSmartHttpTools; @Singleton public class XsrfCookieFilter implements Filter { @@ -50,8 +51,11 @@ public class XsrfCookieFilter implements Filter { @Override public void doFilter(ServletRequest req, ServletResponse rsp, FilterChain chain) throws IOException, ServletException { - WebSession s = user.get().isIdentifiedUser() ? session.get() : null; - setXsrfTokenCookie((HttpServletRequest) req, (HttpServletResponse) rsp, s); + HttpServletRequest httpRequest = (HttpServletRequest) req; + if (!GitSmartHttpTools.isGitClient(httpRequest)) { + WebSession s = user.get().isIdentifiedUser() ? session.get() : null; + setXsrfTokenCookie(httpRequest, (HttpServletResponse) rsp, s); + } chain.doFilter(req, rsp); } diff --git a/java/com/google/gerrit/httpd/raw/StaticModule.java b/java/com/google/gerrit/httpd/raw/StaticModule.java index 0d4c67e8ee..7f2161d4b2 100644 --- a/java/com/google/gerrit/httpd/raw/StaticModule.java +++ b/java/com/google/gerrit/httpd/raw/StaticModule.java @@ -54,6 +54,7 @@ import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequestWrapper; import javax.servlet.http.HttpServletResponse; +import org.eclipse.jgit.http.server.GitSmartHttpTools; import org.eclipse.jgit.lib.Config; public class StaticModule extends ServletModule { @@ -405,34 +406,36 @@ public class StaticModule extends ServletModule { HttpServletRequest req = (HttpServletRequest) request; HttpServletResponse res = (HttpServletResponse) response; - GuiceFilterRequestWrapper reqWrapper = new GuiceFilterRequestWrapper(req); - String path = pathInfo(req); + if (!GitSmartHttpTools.isGitClient(req)) { + GuiceFilterRequestWrapper reqWrapper = new GuiceFilterRequestWrapper(req); + String path = pathInfo(req); - // Special case assets during development that are built by Bazel and not - // served out of the source tree. - // - // In the war case, these are either inlined, or live under - // /polygerrit_ui in the war file, so we can just treat them as normal - // assets. - if (paths.isDev()) { - if (path.startsWith("/bower_components/")) { - bowerComponentServlet.service(reqWrapper, res); + // Special case assets during development that are built by Bazel and not + // served out of the source tree. + // + // In the war case, these are either inlined, or live under + // /polygerrit_ui in the war file, so we can just treat them as normal + // assets. + if (paths.isDev()) { + if (path.startsWith("/bower_components/")) { + bowerComponentServlet.service(reqWrapper, res); + return; + } else if (path.startsWith("/fonts/")) { + fontServlet.service(reqWrapper, res); + return; + } + } + + if (isPolyGerritIndex(path)) { + polyGerritIndex.service(reqWrapper, res); return; - } else if (path.startsWith("/fonts/")) { - fontServlet.service(reqWrapper, res); + } + if (isPolyGerritAsset(path)) { + polygerritUI.service(reqWrapper, res); return; } } - if (isPolyGerritIndex(path)) { - polyGerritIndex.service(reqWrapper, res); - return; - } - if (isPolyGerritAsset(path)) { - polygerritUI.service(reqWrapper, res); - return; - } - chain.doFilter(req, res); } |