Package eu.webtoolkit.jwt

Class Configuration

  • public class Configuration
extends java.lang.Object
    JWt application configuration class.

    This class holds the configuration for JWt, controlling general features of the interaction between the browser and the web application.

    See Also:
    WtServlet.getConfiguration()

    • Constructor Detail

      • Configuration

        public Configuration()
        Creates a default configuration.

      • Configuration

        public Configuration​(java.io.File configurationFile)
        Reads a configuration from an XML file.

        An example configuration file can be found in the JWt source distribution.

        Parameters:
        configurationFile -

    • Method Detail

      • setProperties

        public void setProperties​(java.util.HashMap<java.lang.String,​java.lang.String> properties)
        Sets properties.
        Examples:
        • smtp.host: SMTP host used by JWt to send out emails
        • smtp.port: SMTP port used by JWt to send out emails
        Parameters:
        properties -
        See Also:
        getProperties(), getProperty(String)

      • getProperties

        public java.util.HashMap<java.lang.String,​java.lang.String> getProperties()
        Returns configured properties.

        Properties may be used to adapt applications to their deployment environment.

        Returns:
        a map of all properties.

      • getProperty

        public java.lang.String getProperty​(java.lang.String name)
        Returns a property value.

        Properties may be used to adapt applications to their deployment environment.

        Parameters:
        name -
        Returns:
        the property value, or null if the property has not been defined.

      • setRedirectMessage

        public void setRedirectMessage​(java.lang.String redirectMessage)
        Sets the plain-HTML redirect message.

        By default, JWt will use an automatic redirect to start the application when the browser does not support JavaScript. However, browsers are not required to follow the redirection, and in some situations (when using XHTML), such automatic redirection is not supported.

        This configures the text that is shown in the anchor which the user may click to be redirected to a basic HTML version of your application.

      • getRedirectMessage

        public java.lang.String getRedirectMessage()
        Returns the plain-HTML redirect message.
        Returns:
        the plain-HTML redirect message.
        See Also:
        setRedirectMessage(String)

      • setSendXHTMLMimeType

        @Deprecated
public void setSendXHTMLMimeType​(boolean sendXHTMLMimeType)
        Deprecated.
        No longer required thanks to HTML5. Setting this value will have no effect.
        Sets whether XHTML should be used (if supported by the client).

        JWt renders XHTML1 (XML variant of HTML) that is backward-compatible with HTML. Using XHTML, JWt is capable of supporting XHTML-only features such as embedded SVG or MathML.

        When enabled, JWt sets an XHTML mime-type (application/xhtml+xml) when the browser reports support for it. Most notably, Internet Explorer does not support it. Because XHTML and HTML are slightly different with respect to default CSS rules, you may want to disable sending the XHTML mime-type all-together, at least if you are not using SVG (used by the WPaintedWidget).

      • sendXHTMLMimeType

        public boolean sendXHTMLMimeType()
        Returns whether XHTML should be used (if supported by the client).
        Returns:
        whether XHTML should be used.
        See Also:
        setSendXHTMLMimeType(boolean)

      • setDebug

        @Deprecated
public void setDebug​(boolean how)
        Deprecated.
        use setErrorReporting(ErrorReporting) instead.
        Configures debugging.

        Currently, the only effect of debugging is that JavaScript exceptions are not caught but allowed to propagate so that you can inspect the stack trace.

        Debugging is off by default.

      • debug

        @Deprecated
public boolean debug()
        Deprecated.
        use getErrorReporting() instead.
        Returns whether debugging is enabled.
        Returns:
        whether debugging is enabled.
        See Also:
        setDebug(boolean)

      • getServerPushTimeout

        public int getServerPushTimeout()
        Returns the server push timeout (seconds).

        When using server-initiated updates, the client uses long-polling requests. Proxies (including reverse proxies) are notorious for silently closing idle requests; the client therefore cancels the request periodically and issues a new one. This timeout sets the frequency.

        The default timeout is 50 seconds.

        See Also:
        setServerPushTimeout(int)

      • setServerPushTimeout

        public void setServerPushTimeout​(int timeout)
        Sets the server push timeout (seconds).

        When using server-initiated updates, the client uses long-polling requests. Proxies (including reverse proxies) are notorious for silently closing idle requests; the client therefore cancels the request periodically and issues a new one. This timeout sets the frequency.

        The default timeout is 50 seconds.

        See Also:
        getServerPushTimeout()

      • setInlineCss

        public void setInlineCss​(boolean inlineCss)
        Sets whether inline CSS may be generated.

        This option configures whether CSS rules added to the inline stylesheet WApplication.getStyleSheet() are rendered.

        Some pedantic accessibility guidelines may forbid inline CSS.

        Note: some widgets, such as WTreeView, dynamically manipulate rules in this stylesheet, and will no longer work properly when inline CSS is disabled.

        Parameters:
        inlineCss -

      • isInlineCss

        public boolean isInlineCss()
        Returns whether inline CSS may be generated.
        Returns:
        whether inline CSS may be generated.
        See Also:
        setInlineCss(boolean)

      • isWebglDetect

        public boolean isWebglDetect()

      • setWebglDetect

        public void setWebglDetect​(boolean detect)
        Sets whether or not WebGL support is to be detected.

        This option will try to create a webgl-context to verify the browser is able to render it. This is necessary when using WGLWidget.

        This can take up some load time. When your application does not use WGLWidget, this option can be set to false. It will improve the initial loading time of the web application.

      • setAjaxAgentList

        public void setAjaxAgentList​(java.util.ArrayList<java.lang.String> ajaxAgentList,
                             boolean isWhiteList)
        Configures agents that may be served an AJAX version of the application.

        When isWhiteList is true, the given list exhaustively indicates all user agents that will be served an AJAX version of the application. When isWhiteList is false, the given list excludes some user agents that may be served an AJAX version of the application.

        Each entry in ajaxAgentList is a regular expression against which the browser-reported user agent is compared.

        By default, JWt will serve an AJAX version when JavaScript and AJAX support are detected.

        Parameters:
        ajaxAgentList - a list of regular expressions that identify user agents
        isWhiteList - whether the list is a white list or black list.

      • agentSupportsAjax

        public boolean agentSupportsAjax​(java.lang.String userAgent)
        Returns whether the user agent should be considered as one with Ajax support.
        Returns:
        whether the user agent should be considered as one with Ajax support.
        See Also:
        setAjaxAgentList(ArrayList, boolean)

      • setBotList

        public void setBotList​(java.util.ArrayList<java.lang.String> botList)
        Sets the list of bots.

        JWt considers three types of sessions:

        • AJAX sessions: use AJAX and JavaScript
        • plain HTML sessions: use plain old server GETs and POSTs
        • bots: have clean internal paths (see WApplication.setInternalPath(String)) and no persistent sessions
        By default, JWt does a browser detection to distinguish between the first two: if a browser supports JavaScript (and has it enabled), and has an AJAX DOM API, then AJAX sessions are chosen, otherwise plain HTML sessions.

        Here, you can specify user agents that should be should be treated as bots.

        The default configuration sets the following list:

        • .*bot.*
        • .*Bot.*
        • .*crawler.*
        • .*Crawler.*
        • .*spider.*
        • .*Spider.*
        • .*Slurp.*
        • .*Bot.*
        • .*ia_archiver.*
        • .*Twiceler.*

      • getBotList

        public java.util.ArrayList<java.lang.String> getBotList()
        Returns the list of user agents that are treated as bots.
        Returns:
        the list of user agents that are treated as bots.
        See Also:
        setBotList(ArrayList)

      • agentIsBot

        public boolean agentIsBot​(java.lang.String userAgent)
        Returns whether the user agent is a bot.
        See Also:
        setBotList(ArrayList)

      • setFavicon

        public void setFavicon​(java.lang.String favicon)
        Configures a path to a favicon. By default, a browser will fetch a favicon from "/favicon.ico".
        Using this setting, you may provide a custom path to the favicon.

        The default value is "/favicon.ico".

      • getFavicon

        public java.lang.String getFavicon()
        Returns the path for the favicon
        Returns:
        the path for the favicon
        See Also:
        setFavicon(String)

      • setProgressiveBootstrap

        public void setProgressiveBootstrap​(boolean enable)
        Sets whether the progressive bootstrap method is used.

        Since JWt 2.99.4, a new bootstrap method has been added (initially proposed by Anthony roger Buck). While the default bootstrap already honors the principle of graceful degradation, this bootstrap implements this using the principle of progressive enhancement (and quite literally so).

        This bootstrap method will initially assume that the user agent is a plain HTML user-agent and immediately create the application (with WEnvironment.hasAjax() always returning false). The initial response will contain the initial page suitable for a plain HTML user-agent.

        JavaScript embedded in this page will sense for AJAX support and trigger a second request which progresses the application to an AJAX application (without repainting the user interface). To that extent, it will change WEnvironment.hasAjax() to return true, and invoke WApplication.enableAjax() which in turn propagates WWidget.enableAjax() through the widget hierarchy. This upgrade happens in the back-ground, unnoticed to the user.

        This mitigates disadvantages associated with the default bootstrap, which implements a browser detection first after it starts the application:

        • the redirection without JavaScript support may not be supported by all user agents, leaving these with a link and a getRedirectMessage().
        • there is an additional round-trip before any contents is rendered
        • for an AJAX user interface, all contents will be loaded through JavaScript. This has a draw-back that IE may delay applying external stylesheets after the contents has been rendered, which might cause some confusion, and some 3rd party JavaScript libraries do not support being loaded on-demand (with as most notable example, Google ads).

      • progressiveBootstrap

        public boolean progressiveBootstrap​(java.lang.String internalPath)
        Returns whether the progressive bootstrap method is used. The method may take into account the internalPath to differentiate between certain deep links which display widgets that do not progress well (such as table views or tree views).
        Parameters:
        internalPath - the initial internal path
        Returns:
        whether the progressive bootstrap method is used.

      • setDelayLoadAtBoot

        public void setDelayLoadAtBoot​(boolean enable)
        Configures whether loading the application is delayed at boot. By default, the loading of the application is delayed. This can in some very specific circumstances lead to the browser waiting several seconds before loading the application. If this is a bug that you are facing, consider setting this to false. This could however impact your code if you inject JS during boot.

      • isDelayLoadAtBoot

        public boolean isDelayLoadAtBoot()
        Returns whether loading of the application is delayed at boot

      • getKeepAlive

        public int getKeepAlive()

      • getMultiSessionCookieTimeout

        public int getMultiSessionCookieTimeout()

      • getSessionTimeout

        public int getSessionTimeout()
        Returns the session timeout.
        Returns:
        the session timeout.

      • getIdleTimeout

        public int getIdleTimeout()
        Returns the idle timeout (in seconds).
        Returns:
        the idle timeout.

      • setIdleTimeout

        public void setIdleTimeout​(int timeout)
        Sets the idle timeout. When the user does not interact with the application for the set number of seconds, WApplication#idleTimeout() is called. By default, this method quits the application immediately, but it can be overridden if different behaviour is desired. This feature can be used to prevent others from taking over a session when the device that the Wt application is being used from is left behind, and is most effective in combination with a fairly short session timeout. The default is -1 (disabled)

      • setMaximumRequestSize

        public void setMaximumRequestSize​(long requestSize)
        Sets the maximum request size (in bytes). The default value is 1MB

      • getDoubleClickTimeout

        public int getDoubleClickTimeout()
        Returns the double click timeout.

      • setDoubleClickTimeout

        public void setDoubleClickTimeout​(int doubleClickTimeout)
        Sets the double click timeout. The default value is 200 (ms).

      • getIndicatorTimeout

        public int getIndicatorTimeout()
        Returns the loading indicator timeout. When a response time for an AJAX call exceeds this time, a loading indicator is shown.
        Returns:
        the loading indicator timeout in milliseconds.

      • setIndicatorTimeout

        public void setIndicatorTimeout​(int timeout)
        Sets the loading indicator timeout. When a response time for an AJAX call exceeds this time, a loading indicator is shown.
        Parameters:
        timeout - the timeout in milliseconds.

      • getBootstrapTimeout

        public int getBootstrapTimeout()

      • setBootstrapTimeout

        public void setBootstrapTimeout​(int timeout)
        Sets the bootstrap timeout.

        This option configures the time (in seconds) after which a new plain HTML session is timed out if it has not been upgraded to an Ajax session.

        Parameters:
        timeout - the timeout in seconds.

      • setUaCompatible

        public void setUaCompatible​(java.lang.String uaCompatible)
        Configures different rendering engines for certain browsers. Currently this is only used to select IE7 compatible rendering engine for IE8, which solves problems of unreliable and slow rendering performance for VML which Microsoft broke in IE8. Before 3.3.0, the default value was IE8=IE7, but since 3.3.0 this has been changed to an empty string (i.e. let IE8 use the standard IE8 rendering engine) to take advantage of IE8's improved CSS support.

      • getUaCompatible

        public java.lang.String getUaCompatible()
        Returns UA compatibility selection
        See Also:
        setUaCompatible(String)

      • setTinyMCEVersion

        public void setTinyMCEVersion​(int version)
        Sets the TinyMCE version to be used. The default version is 3.
        Parameters:
        version - must be 3 or 4
        See Also:
        WTextEdit

      • setWebSocketsEnabled

        public void setWebSocketsEnabled​(boolean enabled)
        Enables or disables the use of web sockets

      • isCookieChecks

        public boolean isCookieChecks()

      • getMaxRequestSize

        public long getMaxRequestSize()
        Returns the maximum request size.

      • getMaxFormDataSize

        public long getMaxFormDataSize()
        Returns the maximum request size.

      • setMaxFormDataSize

        public void setMaxFormDataSize​(int maxFormDataSize)
        Sets the maximum request size.

      • getMaxPendingEvents

        public int getMaxPendingEvents()
        Returns the maximum amount of pending events.

      • setMaxPendingEvents

        public void setMaxPendingEvents​(int maxPendingEvents)
        Sets the maximum amount of pending events.

      • setBehindReverseProxy

        @Deprecated
public void setBehindReverseProxy​(boolean enabled)
        Deprecated.
        Use setTrustedProxies(List) instead. If set to true, the old behavior is used and the upstream server is trusted as being a reverse proxy.
        Configures whether the application is hosted behind a reverse proxy.
        See Also:
        isBehindReverseProxy()

      • isBehindReverseProxy

        @Deprecated
public boolean isBehindReverseProxy()
        Deprecated.
        Use setTrustedProxies(List) and getTrustedProxies() instead.
        Returns whether we are deployment behind a reverse proxy. When configured behind a reverse proxy, typical headers set by the reverse proxy are interpreted correctly: - X-Forwarded-Host - X-Forwarded-Proto
        See Also:
        setBehindReverseProxy(boolean)

      • setOriginalIPHeader

        public void setOriginalIPHeader​(java.lang.String originalIPHeader)
        Sets the header to be considered to derive the client address when behind a reverse proxy. This is X-Forwarded-For by default.
        See Also:
        getOriginalIPHeader(), setTrustedProxies(List)

      • getOriginalIPHeader

        public java.lang.String getOriginalIPHeader()
        Gets the header to be considered to derive the client address when behind a reverse proxy. This is X-Forwarded-For by default.
        See Also:
        setOriginalIPHeader(String)

      • setTrustedProxies

        public void setTrustedProxies​(java.util.List<Configuration.Network> trustedProxies)
        Set the proxy servers or networks that are trusted.

        JWt will only trust proxy headers like X-Forwarded-* headers if the proxy server is in the list of trusted proxies.

        See Also:
        setOriginalIPHeader(String)

      • isTrustedProxy

        public boolean isTrustedProxy​(java.lang.String addressStr)
        Checks whether the given IP address string is a trusted proxy server.
        See Also:
        setTrustedProxies(List)

      • internalDeploymentSize

        public int internalDeploymentSize()

      • setInternalDeploymentSize

        public void setInternalDeploymentSize​(int size)

      • getMetaHeaders

        public java.util.List<MetaHeader> getMetaHeaders()
        Returns configured meta headers.

      • getHeadMatter

        public java.util.List<eu.webtoolkit.jwt.HeadMatter> getHeadMatter()
        Returns configured head matter. Like meta headers, but also supports e.g. <link> tags.

      • getHttpHeaders

        public java.util.List<eu.webtoolkit.jwt.HttpHeader> getHttpHeaders()
        Returns the headers configured to be sent with every HTTP response.

      • setHeadMatter

        public void setHeadMatter​(java.util.List<eu.webtoolkit.jwt.HeadMatter> headMatter)
        Sets (static) head matter. Like meta headers, but also supports e.g. <link> tags.

      • setHttpHeaders

        public void setHttpHeaders​(java.util.List<eu.webtoolkit.jwt.HttpHeader> httpHeaders)
        Sets the headers to send with every HTTP response.

      • setUseScriptNonce

        public void setUseScriptNonce​(boolean enable)
        Configures whether nonces are used. Setting this to true forces every script HTML tag to have the same nonce as the one given in the header of the reply in order to be executed. This nonce is randomly generated for each reply, helping to protect against XSS attacks.
        See Also:
        servlet.WebResponse#getNonce()

      • isUseScriptNonce

        public boolean isUseScriptNonce()
        Returns whether nonces are used.

      • setServePrivateResourcesToBots

        public void setServePrivateResourcesToBots​(boolean enable)
        Configures whether private resources are served to bots. Private resources are resources that are tied to a session in which it was usually created. Such a resource is deleted when the session ends. Since bots do not keep an active session, they cannot access private resources by default. This setting allows you to enable serving private resources to bots by adding them to the public resources. Not all private resources will be served to bots if you set this to true. Only the WResources that have overridden WResource.getBotResource() to return something other than null will be served to bots, which is only the case for WSvgImage and WRasterImage (and the WResource for which you decide to override that method).
        See Also:
        setBotResourcesPath(String), WResource.getBotResource()

      • isServePrivateResourcesToBots

        public boolean isServePrivateResourcesToBots()
        Returns:
        Whether private resources are served to bots.

      • setMaxAutoRemovablePublicResources

        public void setMaxAutoRemovablePublicResources​(int limit)
        Configures the maximum number of auto-removable resources. This setting configures the maximum number of auto-removable resources that can be public at the same time. When a new auto-removable resource is made public and the limit is reached, the oldest auto-removable resource will be automatically removed. If this is set to a negative value, no limit will be enforced. By default, the number of auto-removable resources is limited to 1000.
        See Also:
        WResource.setAllowAutoRemoval(boolean), WResource.getBotResource()

      • setUseXFrameSameOrigin

        public void setUseXFrameSameOrigin​(boolean enable)
        Configures whether the header X-Frame-Option "SAMEORIGIN" is sent when serving the main page or the bootstrap.

      • isUseXFrameSameOrigin

        public boolean isUseXFrameSameOrigin()
        Returns whether the header X-Frame-Option "SAMEORIGIN" is sent when serving the main page or the bootstrap.
        See Also:
        setUseXFrameSameOrigin(boolean)

      • isAllowedOrigin

        public boolean isAllowedOrigin​(java.lang.String origin)

      • setAllowedOrigins

        public void setAllowedOrigins​(java.util.Collection<java.lang.String> origins)
        Sets the list of origins that are allowed for CORS (only supported for WidgetSet entry points) The default is empty (no origins are allowed).

      • getAsyncContextTimeout

        public long getAsyncContextTimeout()
        Get async context timeout for WtServlet requests

      • setAsyncContextTimeout

        public void setAsyncContextTimeout​(long asyncContextTimeout)
        Set async context timeout for WtServlet requests