X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2FGigi.java;h=cb8c389e2fae0a1b68bc640b5652e9528779aea9;hb=533294134fb42a02b2557c68eda45f47d77e73cc;hp=19954c6089870a517b5d68cd16a4ac0838bd2a29;hpb=4051cdcc800038b556c53b3e4373e6e6a9953721;p=gigi.git

diff --git a/src/org/cacert/gigi/Gigi.java b/src/org/cacert/gigi/Gigi.java
index 19954c60..cb8c389e 100644
--- a/src/org/cacert/gigi/Gigi.java
+++ b/src/org/cacert/gigi/Gigi.java
@@ -23,6 +23,7 @@ import javax.servlet.http.HttpSession;
 import org.cacert.gigi.database.DatabaseConnection;
 import org.cacert.gigi.database.DatabaseConnection.Link;
 import org.cacert.gigi.dbObjects.CACertificate;
+import org.cacert.gigi.dbObjects.CATS.CATSType;
 import org.cacert.gigi.dbObjects.CertificateProfile;
 import org.cacert.gigi.dbObjects.DomainPingConfiguration;
 import org.cacert.gigi.localisation.Language;
@@ -68,6 +69,7 @@ import org.cacert.gigi.pages.wot.MyPoints;
 import org.cacert.gigi.pages.wot.RequestTTPPage;
 import org.cacert.gigi.ping.PingerDaemon;
 import org.cacert.gigi.util.AuthorizationContext;
+import org.cacert.gigi.util.DomainAssessment;
 import org.cacert.gigi.util.ServerConstants;
 
 public final class Gigi extends HttpServlet {
@@ -234,6 +236,7 @@ public final class Gigi extends HttpServlet {
             }
             testing = conf.getProperty("testing") != null;
             instance = this;
+            DomainAssessment.init(conf);
             DatabaseConnection.init(conf);
             this.truststore = truststore;
             pinger = new PingerDaemon(truststore);
@@ -251,6 +254,7 @@ public final class Gigi extends HttpServlet {
         try (Link l = DatabaseConnection.newLink(false)) {
             CACertificate.getById(1);
             CertificateProfile.getById(1);
+            CATSType.ASSURER_CHALLENGE.getDisplayName();
         } catch (InterruptedException e) {
             throw new Error(e);
         }
@@ -328,10 +332,9 @@ public final class Gigi extends HttpServlet {
         // it always
         String originHeader = req.getHeader("Origin");
         if (originHeader != null //
-                &&
-                !(originHeader.matches("^" + Pattern.quote("https://" + ServerConstants.getWwwHostNamePortSecure()) + "(/.*|)") || //
+                && !(originHeader.matches("^" + Pattern.quote("https://" + ServerConstants.getWwwHostNamePortSecure()) + "(/.*|)") || //
                         originHeader.matches("^" + Pattern.quote("http://" + ServerConstants.getWwwHostNamePort()) + "(/.*|)") || //
-                originHeader.matches("^" + Pattern.quote("https://" + ServerConstants.getSecureHostNamePort()) + "(/.*|)"))) {
+                        originHeader.matches("^" + Pattern.quote("https://" + ServerConstants.getSecureHostNamePort()) + "(/.*|)"))) {
             resp.setContentType("text/html; charset=utf-8");
             resp.getWriter().println("<html><head><title>Alert</title></head><body>No cross domain access allowed.<br/><b>If you don't know why you're seeing this you may have been fished! Please change your password immediately!</b></body></html>");
             return;