X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2FGigi.java;h=37d0e62a0b6cdda673ecf668f9bf806d5353b115;hp=bf6c32edc2404126276fcf140842cb18f80a0cab;hb=4b9842acd7dd0e79de8fc3f88cb8241f9b2f134e;hpb=d7be034f96e06985f57d86d2779c434276b5bd4d
diff --git a/src/org/cacert/gigi/Gigi.java b/src/org/cacert/gigi/Gigi.java
index bf6c32ed..37d0e62a 100644
--- a/src/org/cacert/gigi/Gigi.java
+++ b/src/org/cacert/gigi/Gigi.java
@@ -23,6 +23,7 @@ import javax.servlet.http.HttpSession;
import org.cacert.gigi.database.DatabaseConnection;
import org.cacert.gigi.database.DatabaseConnection.Link;
import org.cacert.gigi.dbObjects.CACertificate;
+import org.cacert.gigi.dbObjects.CATS.CATSType;
import org.cacert.gigi.dbObjects.CertificateProfile;
import org.cacert.gigi.dbObjects.DomainPingConfiguration;
import org.cacert.gigi.localisation.Language;
@@ -33,6 +34,7 @@ import org.cacert.gigi.output.SimpleMenuItem;
import org.cacert.gigi.output.template.Form.CSRFException;
import org.cacert.gigi.output.template.Outputable;
import org.cacert.gigi.output.template.Template;
+import org.cacert.gigi.pages.AboutPage;
import org.cacert.gigi.pages.HandlesMixedRequest;
import org.cacert.gigi.pages.LoginPage;
import org.cacert.gigi.pages.LogoutPage;
@@ -62,11 +64,11 @@ import org.cacert.gigi.pages.main.RegisterPage;
import org.cacert.gigi.pages.orga.CreateOrgPage;
import org.cacert.gigi.pages.orga.ViewOrgPage;
import org.cacert.gigi.pages.wot.AssurePage;
-import org.cacert.gigi.pages.wot.MyListingPage;
import org.cacert.gigi.pages.wot.MyPoints;
import org.cacert.gigi.pages.wot.RequestTTPPage;
import org.cacert.gigi.ping.PingerDaemon;
import org.cacert.gigi.util.AuthorizationContext;
+import org.cacert.gigi.util.DomainAssessment;
import org.cacert.gigi.util.ServerConstants;
public final class Gigi extends HttpServlet {
@@ -126,6 +128,7 @@ public final class Gigi extends HttpServlet {
});
putPage("/", new MainPage(), null);
putPage("/roots", new RootCertPage(truststore), "SomeCA.org");
+ putPage("/about", new AboutPage(), "SomeCA.org");
putPage("/secure", new TestSecure(), null);
putPage(Verify.PATH, new Verify(), null);
@@ -137,7 +140,6 @@ public final class Gigi extends HttpServlet {
putPage(AssurePage.PATH + "/*", new AssurePage(), "Web of Trust");
putPage(MyPoints.PATH, new MyPoints(), "Web of Trust");
- putPage(MyListingPage.PATH, new MyListingPage(), "Web of Trust");
putPage(RequestTTPPage.PATH, new RequestTTPPage(), "Web of Trust");
putPage(TTPAdminPage.PATH + "/*", new TTPAdminPage(), "Admin");
@@ -232,6 +234,7 @@ public final class Gigi extends HttpServlet {
}
testing = conf.getProperty("testing") != null;
instance = this;
+ DomainAssessment.init(conf);
DatabaseConnection.init(conf);
this.truststore = truststore;
pinger = new PingerDaemon(truststore);
@@ -249,6 +252,7 @@ public final class Gigi extends HttpServlet {
try (Link l = DatabaseConnection.newLink(false)) {
CACertificate.getById(1);
CertificateProfile.getById(1);
+ CATSType.ASSURER_CHALLENGE.getDisplayName();
} catch (InterruptedException e) {
throw new Error(e);
}
@@ -326,10 +330,9 @@ public final class Gigi extends HttpServlet {
// it always
String originHeader = req.getHeader("Origin");
if (originHeader != null //
- &&
- !(originHeader.matches("^" + Pattern.quote("https://" + ServerConstants.getWwwHostNamePortSecure()) + "(/.*|)") || //
+ && !(originHeader.matches("^" + Pattern.quote("https://" + ServerConstants.getWwwHostNamePortSecure()) + "(/.*|)") || //
originHeader.matches("^" + Pattern.quote("http://" + ServerConstants.getWwwHostNamePort()) + "(/.*|)") || //
- originHeader.matches("^" + Pattern.quote("https://" + ServerConstants.getSecureHostNamePort()) + "(/.*|)"))) {
+ originHeader.matches("^" + Pattern.quote("https://" + ServerConstants.getSecureHostNamePort()) + "(/.*|)"))) {
resp.setContentType("text/html; charset=utf-8");
resp.getWriter().println("AlertNo cross domain access allowed.
If you don't know why you're seeing this you may have been fished! Please change your password immediately!");
return;