Package org.jboss.resteasy.plugins.interceptors

Class CorsFilter

  • All Implemented Interfaces:
    javax.ws.rs.container.ContainerRequestFilter, javax.ws.rs.container.ContainerResponseFilter
    @PreMatching
public class CorsFilter
extends Object
implements javax.ws.rs.container.ContainerRequestFilter, javax.ws.rs.container.ContainerResponseFilter
    Handles CORS requests both preflight and simple CORS requests. You must bind this as a singleton and set up allowedOrigins and other settings to use.
    Version:
    $Revision: 1 $
    Author:
    Bill Burke

    • Field Detail

      • allowCredentials

        protected boolean allowCredentials

      • allowedMethods

        protected String allowedMethods

      • allowedHeaders

        protected String allowedHeaders

      • exposedHeaders

        protected String exposedHeaders

      • corsMaxAge

        protected int corsMaxAge

      • allowedOrigins

        protected Set<String> allowedOrigins

    • Constructor Detail

      • CorsFilter

        public CorsFilter()

    • Method Detail

      • getAllowedOrigins

        public Set<String> getAllowedOrigins()
        Put "*" if you want to accept all origins.
        Returns:
        allowed origins

      • isAllowCredentials

        public boolean isAllowCredentials()
        Defaults to true.
        Returns:
        allow credentials

      • setAllowCredentials

        public void setAllowCredentials​(boolean allowCredentials)

      • getAllowedMethods

        public String getAllowedMethods()
        Will allow all by default.
        Returns:
        allowed methods

      • setAllowedMethods

        public void setAllowedMethods​(String allowedMethods)
        Will allow all by default comma delimited string for Access-Control-Allow-Methods.
        Parameters:
        allowedMethods - allowed methods

      • getAllowedHeaders

        public String getAllowedHeaders()

      • setAllowedHeaders

        public void setAllowedHeaders​(String allowedHeaders)
        Will allow all by default comma delimited string for Access-Control-Allow-Headers.
        Parameters:
        allowedHeaders - allowed headers

      • getCorsMaxAge

        public int getCorsMaxAge()

      • setCorsMaxAge

        public void setCorsMaxAge​(int corsMaxAge)

      • getExposedHeaders

        public String getExposedHeaders()

      • setExposedHeaders

        public void setExposedHeaders​(String exposedHeaders)
        Comma delimited list.
        Parameters:
        exposedHeaders - exposed headers

      • filter

        public void filter​(javax.ws.rs.container.ContainerRequestContext requestContext)
            throws IOException
        Specified by:
        filter in interface javax.ws.rs.container.ContainerRequestFilter
        Throws:
        IOException

      • filter

        public void filter​(javax.ws.rs.container.ContainerRequestContext requestContext,
                   javax.ws.rs.container.ContainerResponseContext responseContext)
            throws IOException
        Specified by:
        filter in interface javax.ws.rs.container.ContainerResponseFilter
        Throws:
        IOException

      • preflight

        protected void preflight​(String origin,
                         javax.ws.rs.container.ContainerRequestContext requestContext)
                  throws IOException
        Throws:
        IOException

      • checkOrigin

        protected void checkOrigin​(javax.ws.rs.container.ContainerRequestContext requestContext,
                           String origin)