diff --git a/deploy/app.js b/deploy/app.js
index e2260239c9dc507b9079e7a510b2750c20c5d27d..bd6d3be4b0de6ce041fbafdb6f250d1b7d50d797 100644
--- a/deploy/app.js
+++ b/deploy/app.js
@@ -44,6 +44,11 @@ const PUBLIC_PATH = process.env.NODE_ENV === 'production'
? path.join(__dirname, 'public')
: path.join(__dirname, '..', 'dist', 'aot')
+app.use((_req, res, next) => {
+ res.setHeader('Referrer-Policy', 'origin-when-cross-origin')
+ next()
+})
+
app.use(express.static(PUBLIC_PATH))
app.use((req, res, next) => {
diff --git a/src/atlasViewer/atlasViewer.constantService.service.ts b/src/atlasViewer/atlasViewer.constantService.service.ts
index 47f220b7b59260a642d44bac283a1b8b704b12b3..cdcdbd71ed6b74084e717678edf0d7bd01a61b98 100644
--- a/src/atlasViewer/atlasViewer.constantService.service.ts
+++ b/src/atlasViewer/atlasViewer.constantService.service.ts
@@ -41,7 +41,7 @@ export class AtlasViewerConstantsServices{
* raceFetch
*/
public raceFetch = (url) => Promise.race([
- fetch(url),
+ fetch(url, this.getFetchOption()),
new Promise((_, reject) => setTimeout(() => {
reject(`fetch did not resolve under ${this.TIMEOUT} ms`)
}, this.TIMEOUT)) as Promise<Response>
@@ -58,7 +58,7 @@ export class AtlasViewerConstantsServices{
/* to be provided by KG in future */
public templateUrlsPr : Promise<string[]> = new Promise((resolve, reject) => {
- fetch(`${this.backendUrl}templates`)
+ fetch(`${this.backendUrl}templates`, this.getFetchOption())
.then(res => res.json())
.then(arr => {
this.templateUrls = arr
@@ -155,6 +155,23 @@ Interactive atlas viewer requires **webgl2.0**, and the \`EXT_color_buffer_float
public mobileWarningHeader = `Power and Network Usage warning`
public mobileWarning = `It looks like you are on a mobile device. Please note that the atlas viewer is power and network usage intensive.`
+ /**
+ * When the selected regions becomes exceedingly many, referer header often gets too hard
+ * in nginx, it can result in 400 header to large
+ * as result, trim referer to only template and parcellation selected
+ */
+ private getScopedReferer(): string{
+ const url = new URL(window.location.href)
+ url.searchParams.delete('regionsSelected')
+ return url.toString()
+ }
+
+ public getFetchOption() : RequestInit{
+ return {
+ referrer: this.getScopedReferer()
+ }
+ }
+
get floatingWidgetStartingPos() : [number,number]{
return [400,100]
}
@@ -264,7 +281,7 @@ Interactive atlas viewer requires **webgl2.0**, and the \`EXT_color_buffer_float
*/
const meta = 'res/json/allAggregatedData.json'
- fetch(meta)
+ fetch(meta, this.getFetchOption())
.then(res=>res.json())
.then(metadata=>{
const data = metadata.reduce((acc:[string,Map<string,{properties:Property}>][],curr:any)=>{
diff --git a/src/atlasViewer/atlasViewer.dataService.service.ts b/src/atlasViewer/atlasViewer.dataService.service.ts
index b974d8536374bc1d38c467e935d5543ee2691352..e19a8c363580c18d47209bb8b79c7e98a619326a 100644
--- a/src/atlasViewer/atlasViewer.dataService.service.ts
+++ b/src/atlasViewer/atlasViewer.dataService.service.ts
@@ -56,6 +56,11 @@ export class AtlasViewerDataService implements OnDestroy{
}
+ /**
+ * TODO
+ * DEPRECATED
+ */
+
/* all units in mm */
public spatialSearch(obj:any){
const {center,searchWidth,templateSpace,pageNo} = obj
diff --git a/src/atlasViewer/atlasViewer.pluginService.service.ts b/src/atlasViewer/atlasViewer.pluginService.service.ts
index 7adc864521c39d581871bd6be3b1a8172e065ed4..f7e2c5ef7414599ffe7029c97303d3eb1fba1655 100644
--- a/src/atlasViewer/atlasViewer.pluginService.service.ts
+++ b/src/atlasViewer/atlasViewer.pluginService.service.ts
@@ -44,17 +44,17 @@ export class PluginServices{
* PLUGINDEV should return an array of
*/
PLUGINDEV
- ? fetch(PLUGINDEV).then(res => res.json())
+ ? fetch(PLUGINDEV, this.constantService.getFetchOption()).then(res => res.json())
: Promise.resolve([]),
new Promise(resolve => {
- fetch(`${this.constantService.backendUrl}plugins`)
+ fetch(`${this.constantService.backendUrl}plugins`, this.constantService.getFetchOption())
.then(res => res.json())
.then(arr => Promise.all(
arr.map(url => new Promise(rs =>
/**
* instead of failing all promises when fetching manifests, only fail those that fails to fetch
*/
- fetch(url).then(res => res.json()).then(rs).catch(e => (console.log('fetching manifest error', e), rs(null))))
+ fetch(url, this.constantService.getFetchOption()).then(res => res.json()).then(rs).catch(e => (console.log('fetching manifest error', e), rs(null))))
)
))
.then(manifests => resolve(
@@ -67,7 +67,7 @@ export class PluginServices{
Promise.all(
BUNDLEDPLUGINS
.filter(v => typeof v === 'string')
- .map(v => fetch(`res/plugin_examples/${v}/manifest.json`).then(res => res.json()))
+ .map(v => fetch(`res/plugin_examples/${v}/manifest.json`, this.constantService.getFetchOption()).then(res => res.json()))
)
.then(arr => arr.reduce((acc,curr) => acc.concat(curr) ,[]))
])
@@ -94,14 +94,14 @@ export class PluginServices{
isDefined(plugin.template) ?
Promise.resolve('template already provided') :
isDefined(plugin.templateURL) ?
- fetch(plugin.templateURL)
+ fetch(plugin.templateURL, this.constantService.getFetchOption())
.then(res=>res.text())
.then(template=>plugin.template = template) :
Promise.reject('both template and templateURL are not defined') ,
isDefined(plugin.script) ?
Promise.resolve('script already provided') :
isDefined(plugin.scriptURL) ?
- fetch(plugin.scriptURL)
+ fetch(plugin.scriptURL, this.constantService.getFetchOption())
.then(res=>res.text())
.then(script=>plugin.script = script) :
Promise.reject('both script and scriptURL are not defined')
diff --git a/src/atlasViewer/atlasViewer.urlService.service.ts b/src/atlasViewer/atlasViewer.urlService.service.ts
index 77cfd7e1e5210ee4d8a8d63997c409ca676def96..ceeaa9fba07cdcc41a0700f30d74b6ada195f20b 100644
--- a/src/atlasViewer/atlasViewer.urlService.service.ts
+++ b/src/atlasViewer/atlasViewer.urlService.service.ts
@@ -209,7 +209,7 @@ export class AtlasViewerURLService{
const pluginStates = searchparams.get('pluginStates')
if(pluginStates){
const arrPluginStates = pluginStates.split('__')
- arrPluginStates.forEach(url => fetch(url).then(res => res.json()).then(json => this.pluginService.launchNewWidget(json)).catch(console.error))
+ arrPluginStates.forEach(url => fetch(url, this.constantService.getFetchOption()).then(res => res.json()).then(json => this.pluginService.launchNewWidget(json)).catch(console.error))
}
})
diff --git a/src/services/auth.service.ts b/src/services/auth.service.ts
index 20a8f38d1fe204320dff0061d34d24497866783a..b3019e8bba440ad2c44dcc4d5cb518b02a43c693 100644
--- a/src/services/auth.service.ts
+++ b/src/services/auth.service.ts
@@ -1,4 +1,5 @@
import { Injectable } from "@angular/core";
+import { AtlasViewerConstantsServices } from "src/atlasViewer/atlasViewer.constantService.service";
const IV_REDIRECT_TOKEN = `IV_REDIRECT_TOKEN`
@@ -19,8 +20,8 @@ export class AuthService{
href: 'hbp-oidc/auth'
}]
- constructor() {
- fetch('user')
+ constructor(constantService: AtlasViewerConstantsServices) {
+ fetch('user', constantService.getFetchOption())
.then(res => res.json())
.then(user => this.user = user)
.catch(e => {
diff --git a/src/ui/databrowserModule/databrowser.service.ts b/src/ui/databrowserModule/databrowser.service.ts
index 5baa496dc446a07906ffb41a99358a134d98a357..c01ece7f3b148384e4d700bec54ab00dfd904635 100644
--- a/src/ui/databrowserModule/databrowser.service.ts
+++ b/src/ui/databrowserModule/databrowser.service.ts
@@ -127,7 +127,7 @@ export class DatabrowserService implements OnDestroy{
const pt1 = center.map(v => (v - searchWidth).toFixed(SPATIAL_SEARCH_PRECISION))
const pt2 = center.map(v => (v + searchWidth).toFixed(SPATIAL_SEARCH_PRECISION))
- return from(fetch(`${this.constantService.backendUrl}datasets/spatialSearch/templateName/${encodedTemplateName}/bbox/${pt1.join('_')}__${pt2.join("_")}`)
+ return from(fetch(`${this.constantService.backendUrl}datasets/spatialSearch/templateName/${encodedTemplateName}/bbox/${pt1.join('_')}__${pt2.join("_")}`, this.constantService.getFetchOption())
.then(res => res.json()))
}),
catchError((err) => (console.log(err), of([])))
@@ -197,7 +197,7 @@ export class DatabrowserService implements OnDestroy{
public fetchPreviewData(datasetName: string){
const encodedDatasetName = encodeURI(datasetName)
return new Promise((resolve, reject) => {
- fetch(`${this.constantService.backendUrl}datasets/preview/${encodedDatasetName}`)
+ fetch(`${this.constantService.backendUrl}datasets/preview/${encodedDatasetName}`, this.constantService.getFetchOption())
.then(res => res.json())
.then(resolve)
.catch(reject)
@@ -235,9 +235,9 @@ export class DatabrowserService implements OnDestroy{
const encodedTemplateName = encodeURI(templateName)
const encodedParcellationName = encodeURI(parcellationName)
return Promise.all([
- fetch(`${this.constantService.backendUrl}datasets/templateName/${encodedTemplateName}`)
+ fetch(`${this.constantService.backendUrl}datasets/templateName/${encodedTemplateName}`, this.constantService.getFetchOption())
.then(res => res.json()),
- fetch(`${this.constantService.backendUrl}datasets/parcellationName/${encodedParcellationName}`)
+ fetch(`${this.constantService.backendUrl}datasets/parcellationName/${encodedParcellationName}`, this.constantService.getFetchOption())
.then(res => res.json())
])
.then(arr => [...arr[0], ...arr[1]])
diff --git a/src/util/worker.js b/src/util/worker.js
index 44eeeeb5144cdee87833e80c3fb76c525551868d..dd374c4c0d5457ac97783d3e08f671b054e36678 100644
--- a/src/util/worker.js
+++ b/src/util/worker.js
@@ -18,7 +18,9 @@ const checkMeshes = (action) => {
/* filtering now done on the angular level */
const baseUrl = action.baseUrl
- fetch(`${baseUrl}/info`)
+ fetch(`${baseUrl}/info`, {
+ referrerPolicy: 'no-referrer'
+ })
.then(res => res.json())
.then(({mesh}) => {
if (mesh)
@@ -27,7 +29,9 @@ const checkMeshes = (action) => {
throw new Error('mesh does not exist')
})
.then(meshPath => action.indices.forEach(index => {
- fetch(`${baseUrl}/${meshPath}/${index}:0`)
+ fetch(`${baseUrl}/${meshPath}/${index}:0`, {
+ referrerPolicy: 'no-referrer'
+ })
.then(res => res.json())
.then(json => {
/* the perspectiveEvent only counts json that has fragments as a part of meshLoaded */
diff --git a/webpack.dev.js b/webpack.dev.js
index 3fe037c472f808ff4a811607d1992412c5e30d72..d32be20fe85174ca5ae969f2d1b99ca43d87558b 100644
--- a/webpack.dev.js
+++ b/webpack.dev.js
@@ -20,5 +20,10 @@ module.exports = merge(common,ngAssets,staticAssets,{
new HtmlWebpackPlugin({
template : 'src/index.html'
})
- ]
+ ],
+ devServer: {
+ headers: {
+ 'Referrer-Policy': 'origin-when-cross-origin'
+ }
+ }
})
\ No newline at end of file