From 2e7e0608d73d358d6a72dbe1ddbfdf106a001f49 Mon Sep 17 00:00:00 2001
From: Vladimir Krivosheev
Date: Thu, 28 Apr 2016 18:09:07 +0200
Subject: [PATCH] IDEA-155360 Open In Browser : files from library jars cannot be opened
---
.../builtInWebServer/BuiltInWebServer.kt | 35 ++++++++++++-------
.../DefaultWebServerPathHandler.kt | 5 +--
2 files changed, 25 insertions(+), 15 deletions(-)
diff --git a/platform/built-in-server/src/org/jetbrains/builtInWebServer/BuiltInWebServer.kt b/platform/built-in-server/src/org/jetbrains/builtInWebServer/BuiltInWebServer.kt
index dae131732a64..513a36b4a38f 100644
--- a/platform/built-in-server/src/org/jetbrains/builtInWebServer/BuiltInWebServer.kt
+++ b/platform/built-in-server/src/org/jetbrains/builtInWebServer/BuiltInWebServer.kt
@@ -248,11 +248,25 @@ private fun doProcess(urlDecoder: QueryStringDecoder, request: FullHttpRequest, return false } -internal fun validateToken(request: HttpRequest, channel: Channel): HttpHeaders? { - val cookieString = request.headers().get(HttpHeaderNames.COOKIE) - if (cookieString != null) { - val cookies = ServerCookieDecoder.STRICT.decode(cookieString) - for (cookie in cookies) { +internal fun HttpRequest.isSignedRequest(): Boolean { + // we must check referrer - if html cached, browser will send request without query + val token = headers().get(TOKEN_HEADER_NAME) + ?: QueryStringDecoder(uri()).parameters().get(TOKEN_PARAM_NAME)?.firstOrNull() + ?: referrer?.let { QueryStringDecoder(it).parameters().get(TOKEN_PARAM_NAME)?.firstOrNull() } + + if (token != null && tokens.getIfPresent(token) != null) { + tokens.invalidate(token) + return true + } + else { + return false + } +} + +@JvmOverloads +internal fun validateToken(request: HttpRequest, channel: Channel, isSignedRequest: Boolean = request.isSignedRequest()): HttpHeaders? { + request.headers().get(HttpHeaderNames.COOKIE)?.let { + for (cookie in ServerCookieDecoder.STRICT.decode(it)) { if (cookie.name() == STANDARD_COOKIE.name()) { if (cookie.value() == STANDARD_COOKIE.value()) { return EmptyHttpHeaders.INSTANCE 
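Review bot: `isSignedRequest()` reads like a pure predicate but redeems the one-time token through `tokens.invalidate(token)`, and as the default value of the new `validateToken` parameter it is evaluated before the cookie loop runs, so a request that already carries a valid `STANDARD_COOKIE` now consumes a token that the old code would have left untouched. A second call on the same request also returns false, which a caller that checks first and then calls `validateToken(request, channel)` without the third argument would hit. I would document the contract with a KDoc line such as `/** Redeems the one-time token carried by this request; returns true at most once per token, so call it once and pass the result on. */` and consider dropping the default so every caller decides explicitly. Separately, `getIfPresent` followed by `invalidate` is check-then-act; if `tokens` is a Guava-style cache, `tokens.asMap().remove(token) != null` would make redemption atomic when two requests present the same token concurrently. The body of `validateToken` continues past the end of this hunk.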
@@ -262,18 +276,13 @@ internal fun validateToken(request: HttpRequest, channel: Channel): HttpHeaders? } } - val urlDecoder = QueryStringDecoder(request.uri()) - // we must check referrer - if html cached, browser will send request without query - val token = request.headers().get(TOKEN_HEADER_NAME) - ?: urlDecoder.parameters().get(TOKEN_PARAM_NAME)?.firstOrNull() - ?: request.referrer?.let { QueryStringDecoder(it).parameters().get(TOKEN_PARAM_NAME)?.firstOrNull() } - val url = "${channel.uriScheme}://${request.host!!}${urlDecoder.path()}" - if (token != null && tokens.getIfPresent(token) != null) { - tokens.invalidate(token) + if (isSignedRequest) { return DefaultHttpHeaders().set(HttpHeaderNames.SET_COOKIE, ServerCookieEncoder.STRICT.encode(STANDARD_COOKIE) + "; SameSite=strict") } + val urlDecoder = QueryStringDecoder(request.uri()) if (!urlDecoder.path().endsWith("/favicon.ico")) { + val url = "${channel.uriScheme}://${request.host!!}${urlDecoder.path()}" SwingUtilities.invokeAndWait { ProjectUtil.focusProjectWindow(null, true) diff --git a/platform/built-in-server/src/org/jetbrains/builtInWebServer/DefaultWebServerPathHandler.kt b/platform/built-in-server/src/org/jetbrains/builtInWebServer/DefaultWebServerPathHandler.kt index e88bb2c98193..7f8c575a1a9b 100644 --- a/platform/built-in-server/src/org/jetbrains/builtInWebServer/DefaultWebServerPathHandler.kt +++ b/platform/built-in-server/src/org/jetbrains/builtInWebServer/DefaultWebServerPathHandler.kt @@ -41,7 +41,8 @@ private class DefaultWebServerPathHandler : WebServerPathHandler() { projectName: String, decodedRawPath: String, isCustomHost: Boolean): Boolean { - val extraHttpHeaders = validateToken(request, context.channel()) ?: return true + val isSignedRequest = request.isSignedRequest() + val extraHttpHeaders = validateToken(request, context.channel(), isSignedRequest) ?: return true val channel = context.channel() val pathToFileManager = WebServerPathToFileManager.getInstance(project) 
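Review bot: The unauthenticated branch of `validateToken` still builds `url` with `request.host!!`, so a request that reaches this point without a Host header throws on a code path that any unauthenticated client can reach, instead of being rejected cleanly. The value is client-supplied, and the rest of the `SwingUtilities.invokeAndWait` block lies outside the hunk, so I cannot see how `url` is used afterwards. Assuming a null return means "request already handled", as the caller's `?: return true` suggests, I would replace the assertion with an explicit rejection: `val host = request.host ?: run { HttpResponseStatus.BAD_REQUEST.send(channel, request); return null }` and interpolate `host` into the string.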
@@ -89,7 +90,7 @@ private class DefaultWebServerPathHandler : WebServerPathHandler() { } // if extraHttpHeaders is not empty, it means that we get request wih token in the query - if (extraHttpHeaders.isEmpty && request.origin == null && request.referrer == null && request.isRegularBrowser() && !canBeAccessedDirectly(pathInfo.name)) { + if (!isSignedRequest && request.origin == null && request.referrer == null && request.isRegularBrowser() && !canBeAccessedDirectly(pathInfo.name)) { HttpResponseStatus.NOT_FOUND.send(context.channel(), request) return true } -- 2.32.0
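Review bot: The comment above the changed condition still describes the old test ("if extraHttpHeaders is not empty, it means that we get request wih token in the query"), but the guard now keys on `isSignedRequest`, which is also true when the token arrived in the header or the referrer and when `extraHttpHeaders` is empty because the cookie matched first. Since this condition decides whether the direct-access restriction is skipped, the comment should state the rule that is actually enforced, for example `// a signed request presented a valid one-time token (header, query or referrer), so the direct-access restriction is not applied`. The enclosing function starts and ends outside this hunk.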