Contact us
Create app
com.vaadin.flow.server.
Package com.vaadin.flow.server

Class HandlerHelper

java.lang.Object
com.vaadin.flow.server.HandlerHelper

All Implemented Interfaces:

Serializable

public class HandlerHelper extends Object implements Serializable

Contains helper methods for VaadinServlet and generally for handling VaadinRequests.

Since:

1.0

See Also:

  • Method Details

    • isRequestType

      public static boolean isRequestType(VaadinRequest request, HandlerHelper.RequestType requestType)

      Returns whether the given request is of the given type.

      Parameters:

      request - the request to check

      requestType - the type to check for

      Returns:

      true if the request is of the given type, false otherwise

    • isFrameworkInternalRequest

      public static boolean isFrameworkInternalRequest(String servletMappingPath, jakarta.servlet.http.HttpServletRequest request)

      Checks whether the request is an internal request. The requests listed in HandlerHelper.RequestType are considered internal as they are needed for applications to work.

      Requests for routes, static resources requests and similar are not considered internal requests.

      Parameters:

      servletMappingPath - the path the Vaadin servlet is mapped to, with or without and ending "/*"

      request - the servlet request

      Returns:

      true if the request is Vaadin internal, false otherwise

    • getPathIfInsideServlet

      public static Optional<String> getPathIfInsideServlet(String servletMappingPath, String requestedPath)

      Returns the rest of the path after the servlet mapping part, if the requested path targets a path inside the servlet.

      Parameters:

      servletMappingPath - the servlet mapping from the servlet configuration

      requestedPath - the request path relative to the context root

      Returns:

      an optional containing the path relative to the servlet if the request is inside the servlet mapping, an empty optional otherwise

    • getRequestPathInsideContext

      public static String getRequestPathInsideContext(jakarta.servlet.http.HttpServletRequest request)

      Returns the requested path inside the context root.

      Parameters:

      request - the servlet request

      Returns:

      the path inside the context root, not including the slash after the context root path

    • findLocale

      public static Locale findLocale(VaadinSession session, VaadinRequest request)

      Helper to find the most most suitable Locale. These potential sources are checked in order until a Locale is found:

      1. The passed component (or UI) if not null
      2. UI.getCurrent() if defined
      3. The passed session if not null
      4. VaadinSession.getCurrent() if defined
      5. The passed request if not null
      6. VaadinService.getCurrentRequest() if defined
      7. Locale.getDefault()

      Parameters:

      session - the session that is searched for locale or null if not available

      request - the request that is searched for locale or null if not available

      Returns:

      the found locale

    • setResponseNoCacheHeaders

      public static void setResponseNoCacheHeaders(BiConsumer<String,String> headerSetter, BiConsumer<String,Long> longHeaderSetter)

      Sets no cache headers to the specified response.

      Parameters:

      headerSetter - setter for string value headers

      longHeaderSetter - setter for long value headers

    • getCancelingRelativePath

      public static String getCancelingRelativePath(String pathToCancel)

      Gets a relative path that cancels the provided path. This essentially adds one .. for each part of the path to cancel.

      Parameters:

      pathToCancel - the path that should be canceled

      Returns:

      a relative path that cancels out the provided path segment

    • isPathUnsafe

      public static boolean isPathUnsafe(String path)

      Checks if the given URL path contains the directory change instruction (dot-dot), taking into account possible double encoding in hexadecimal format, which can be injected maliciously.

      Parameters:

      path - the URL path to be verified.

      Returns:

      true, if the given path has a directory change instruction, false otherwise.

    • getPublicResources

      public static String[] getPublicResources()

      URLs matching these patterns should be publicly available for applications to work. Can be used for defining a bypass for rules in e.g. Spring Security.

      These paths are relative to a potential Vaadin mapping

    • getPublicResourcesRoot

      public static String[] getPublicResourcesRoot()

      URLs matching these patterns should be publicly available for applications to work. Can be used for defining a bypass for rules in e.g. Spring Security.

      These URLs are always relative to the root path and independent of any Vaadin mapping

    • getIconVariants

      public static List<String> getIconVariants(String iconPath)

      Gets the paths of the PWA icon variants for the given base icon.

      Parameters:

      iconPath - path of the base icon.

      Returns:

      list of paths of icon variants.

    • getPublicResourcesRequiringSecurityContext

      public static String[] getPublicResourcesRequiringSecurityContext()

      URLs matching these patterns should be publicly available for applications to work but might require a security context, i.e. authentication information.

Copyright © 2025. All rights reserved.