<?xml version="1.0" encoding="UTF-8"?>\r
-<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"\r
- xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee" \r
- xmlns:web="http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"\r
- version="3.1" xmlns="http://xmlns.jcp.org/xml/ns/javaee">\r
-\r
+<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"\r
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"\r
+ xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"\r
+ version="3.1">\r
<display-name>ecomp-sdk-app-os</display-name>\r
\r
<!-- The app can function on a HA cluster -->\r
<distributable />\r
\r
<session-config>\r
- <session-timeout>7</session-timeout>\r
+ <session-timeout>30</session-timeout>\r
<tracking-mode>COOKIE</tracking-mode>\r
</session-config>\r
\r
+ <filter>\r
+ <filter-name>SecurityXssFilter</filter-name>\r
+ <filter-class>org.onap.portalapp.filter.SecurityXssFilter</filter-class>\r
+ </filter> \r
+ <filter-mapping>\r
+ <filter-name>SecurityXssFilter</filter-name>\r
+ <url-pattern>/*</url-pattern>\r
+ </filter-mapping>\r
+\r
+ <!--\r
+ `vid-webpack-master` servlet and it's servlet mapping below, serves\r
+ Angular's index.html for any requests like the following, letting\r
+ the JavaScript router do its magic:\r
+ * /vid/app/ui/\r
+ * /vid/app/ui/servicePlanning\r
+ * /vid/app/ui/browseSdc\r
+ -->\r
+ <servlet>\r
+ <servlet-name>vid-webpack-master</servlet-name>\r
+ <jsp-file>/app/ui/index.html</jsp-file>\r
+ </servlet>\r
+\r
+ <servlet-mapping>\r
+ <servlet-name>vid-webpack-master</servlet-name>\r
+ <url-pattern>/app/ui/</url-pattern>\r
+ </servlet-mapping>\r
+\r
+ <!--\r
+ All the files under the paths below are served as static files, using\r
+ tomcat's `default` servlet. This overrides the `vid-webpack-master`\r
+ url-pattern.\r
+ The filter `charset-to-utf8-filter` adds "charset=UTF-8" to these files\r
+ content type, as the default content-type is platform-dependant (which\r
+ is not ok for Windows stations).\r
+ -->\r
+ <servlet-mapping>\r
+ <servlet-name>default</servlet-name>\r
+ <url-pattern>/app/ui/*</url-pattern>\r
+ </servlet-mapping>\r
+\r
+ <filter>\r
+ <filter-name>charset-to-utf8-filter</filter-name>\r
+ <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>\r
+ <init-param>\r
+ <param-name>encoding</param-name>\r
+ <param-value>UTF-8</param-value>\r
+ </init-param>\r
+ <init-param>\r
+ <param-name>forceEncoding</param-name>\r
+ <param-value>true</param-value>\r
+ </init-param>\r
+ </filter>\r
+\r
+ <filter-mapping>\r
+ <filter-name>charset-to-utf8-filter</filter-name>\r
+ <url-pattern>/app/ui/*</url-pattern>\r
+ </filter-mapping>\r
+ <filter>\r
+ <filter-name>httpHeaderSecurity</filter-name>\r
+ <filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>\r
+ <async-supported>true</async-supported>\r
+ <init-param>\r
+ <param-name>antiClickJackingEnabled</param-name>\r
+ <param-value>true</param-value>\r
+ </init-param>\r
+ <init-param>\r
+ <param-name>antiClickJackingOption</param-name>\r
+ <param-value>DENY</param-value>\r
+ </init-param>\r
+ </filter>\r
+ <filter-mapping>\r
+ <filter-name>httpHeaderSecurity</filter-name>\r
+ <url-pattern>/*</url-pattern>\r
+ </filter-mapping>\r
+\r
+ <error-page>\r
+ <error-code>404</error-code>\r
+ <location>/vid/epsdk-app-onap/src/main/webapp/WEB-INF/jsp/errorPage.jsp</location>\r
+ </error-page>\r
</web-app>
\ No newline at end of file