- private String makeDynTempl(String in, Page p) {
- int year = Calendar.getInstance().get(Calendar.YEAR);
- in = in.replaceAll("\\$title\\$", p.getTitle());
- in = in.replaceAll("\\$year\\$", year + "");
- return in;
+
+ private Page getPage(String pathInfo) {
+ if (pathInfo.endsWith("/") && !pathInfo.equals("/")) {
+ pathInfo = pathInfo.substring(0, pathInfo.length() - 1);
+ }
+ Page page = pages.get(pathInfo);
+ if (page != null) {
+ return page;
+ }
+ page = pages.get(pathInfo + "/*");
+ if (page != null) {
+ return page;
+ }
+ int idx = pathInfo.lastIndexOf('/');
+ pathInfo = pathInfo.substring(0, idx);
+
+ page = pages.get(pathInfo + "/*");
+ if (page != null) {
+ return page;
+ }
+ return null;
+
+ }
+
+ public static void addXSSHeaders(HttpServletResponse hsr) {
+ hsr.addHeader("Access-Control-Allow-Origin", "https://" + ServerConstants.getWwwHostNamePort() + " https://"
+ + ServerConstants.getSecureHostNamePort());
+ hsr.addHeader("Access-Control-Max-Age", "60");
+
+ hsr.addHeader("Content-Security-Policy", getDefaultCSP());
+ hsr.addHeader("Strict-Transport-Security", "max-age=31536000");
+