public final class CorsConfig extends Object
Modifier and Type | Class and Description |
---|---|
static class |
CorsConfig.Builder
Builder used to configure and build a CorsConfig instance.
|
static class |
CorsConfig.DateValueGenerator
This callable is used for the DATE preflight HTTP response HTTP header.
|
Modifier and Type | Method and Description |
---|---|
Set<String> |
allowedRequestHeaders()
Returns the allowed set of Request Headers.
|
Set<HttpMethod> |
allowedRequestMethods()
Returns the allowed set of Request Methods.
|
Set<String> |
exposedHeaders()
Returns a set of headers to be exposed to calling clients.
|
boolean |
isAnyOriginSupported()
Determines whether a wildcard origin, '*', is supported.
|
boolean |
isCorsSupportEnabled()
Determines if support for CORS is enabled.
|
boolean |
isCredentialsAllowed()
Determines if cookies are supported for CORS requests.
|
boolean |
isNullOriginAllowed()
Web browsers may set the 'Origin' request header to 'null' if a resource is loaded
from the local file system.
|
boolean |
isShortCurcuit()
Determines whether a CORS request should be rejected if it's invalid before being
further processing.
|
long |
maxAge()
Gets the maxAge setting.
|
String |
origin()
Returns the allowed origin.
|
Set<String> |
origins()
Returns the set of allowed origins.
|
HttpHeaders |
preflightResponseHeaders()
Returns HTTP response headers that should be added to a CORS preflight response.
|
String |
toString() |
static CorsConfig.Builder |
withAnyOrigin()
Creates a Builder instance with it's origin set to '*'.
|
static CorsConfig.Builder |
withOrigin(String origin)
Creates a
CorsConfig.Builder instance with the specified origin. |
static CorsConfig.Builder |
withOrigins(String... origins)
Creates a
CorsConfig.Builder instance with the specified origins. |
public boolean isCorsSupportEnabled()
true
if support for CORS is enabled, false otherwise.public boolean isAnyOriginSupported()
boolean
true if any origin is allowed.public String origin()
public Set<String> origins()
Set
the allowed origins.public boolean isNullOriginAllowed()
true
if a 'null' origin should be supported.public Set<String> exposedHeaders()
xhr.getResponseHeader("Content-Type");The headers that are available by default are:
List<String>
a list of the headers to expose.public boolean isCredentialsAllowed()
xhr.withCredentials = true;The default value for 'withCredentials' is false in which case no cookies are sent. Settning this to true will included cookies in cross origin requests.
true
if cookies are supported.public long maxAge()
long
the time in seconds that a preflight request may be cached.public Set<HttpMethod> allowedRequestMethods()
Set
of HttpMethod
s that represent the allowed Request Methods.public Set<String> allowedRequestHeaders()
Set<String>
of strings that represent the allowed Request Headers.public HttpHeaders preflightResponseHeaders()
HttpHeaders
the HTTP response headers to be added.public boolean isShortCurcuit()
true
if a CORS request should short-curcuit upon receiving an invalid Origin header.public static CorsConfig.Builder withAnyOrigin()
public static CorsConfig.Builder withOrigin(String origin)
CorsConfig.Builder
instance with the specified origin.CorsConfig.Builder
to support method chaining.public static CorsConfig.Builder withOrigins(String... origins)
CorsConfig.Builder
instance with the specified origins.CorsConfig.Builder
to support method chaining.Copyright © 2008–2015 The Netty Project. All rights reserved.