Package com.aspectran.web.support.cors
Class AbstractCorsProcessor
- java.lang.Object
-
- com.aspectran.web.support.cors.AbstractCorsProcessor
-
- All Implemented Interfaces:
CorsProcessor
- Direct Known Subclasses:
DefaultCorsProcessor
public abstract class AbstractCorsProcessor extends java.lang.Object implements CorsProcessor
Process an incoming cross-origin (CORS) requests. Encapsulates the CORS processing logic as specified by the W3C candidate recommendation from 2013-01-29.- Since:
- 2.3.0
-
-
Constructor Summary
Constructors Constructor Description AbstractCorsProcessor()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
containsMethod(java.lang.String method)
java.lang.String[]
getAllowedHeaders()
java.lang.String
getAllowedHeadersString()
java.lang.String[]
getAllowedMethods()
java.lang.String
getAllowedMethodsString()
java.lang.String[]
getAllowedOrigins()
java.lang.String[]
getExposedHeaders()
java.lang.String
getExposedHeadersString()
int
getMaxAgeSeconds()
protected boolean
hasAllowedHeaders()
protected boolean
hasAllowedMethods()
protected boolean
hasAllowedOrigins()
protected boolean
hasExposedHeaders()
boolean
isAllowCredentials()
protected boolean
isAllowedHeader(java.lang.String header)
Helper method to check whether the specified HTTP header is supported.protected boolean
isAllowedMethod(java.lang.String method)
Helper method to check whether the specified HTTP method is supported.protected boolean
isAllowedOrigin(java.lang.String origin)
Helper method to check whether requests from the specified origin must be allowed.protected boolean
isCorsRequest(javax.servlet.http.HttpServletRequest request)
Returnstrue
if the request is a valid CORS one.protected boolean
isPreFlightRequest(javax.servlet.http.HttpServletRequest request)
Returnstrue
if the request is a valid CORS pre-flight one.void
setAllowCredentials(boolean allowCredentials)
void
setAllowedHeaders(java.lang.String allowedHeaders)
void
setAllowedHeaders(java.lang.String[] allowedHeaders)
void
setAllowedHeaders(java.util.Set<java.lang.String> allowedHeaders)
void
setAllowedMethods(java.lang.String allowedMethods)
void
setAllowedMethods(java.lang.String[] allowedMethods)
void
setAllowedMethods(java.util.Set<java.lang.String> allowedMethods)
void
setAllowedOrigins(java.lang.String allowedOrigins)
void
setAllowedOrigins(java.lang.String[] allowedOrigins)
void
setAllowedOrigins(java.util.Set<java.lang.String> allowedOrigins)
void
setExposedHeaders(java.lang.String exposedHeaders)
void
setExposedHeaders(java.lang.String[] exposedHeaders)
void
setExposedHeaders(java.util.Set<java.lang.String> exposedHeaders)
void
setMaxAgeSeconds(int maxAgeSeconds)
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface com.aspectran.web.support.cors.CorsProcessor
processActualRequest, processPreflightRequest, sendError
-
-
-
-
Method Detail
-
getAllowedOrigins
public java.lang.String[] getAllowedOrigins()
-
setAllowedOrigins
public void setAllowedOrigins(java.lang.String allowedOrigins)
-
setAllowedOrigins
public void setAllowedOrigins(java.lang.String[] allowedOrigins)
-
setAllowedOrigins
public void setAllowedOrigins(java.util.Set<java.lang.String> allowedOrigins)
-
getAllowedMethods
public java.lang.String[] getAllowedMethods()
-
containsMethod
public boolean containsMethod(java.lang.String method)
-
getAllowedMethodsString
public java.lang.String getAllowedMethodsString()
-
setAllowedMethods
public void setAllowedMethods(java.lang.String allowedMethods)
-
setAllowedMethods
public void setAllowedMethods(java.lang.String[] allowedMethods)
-
setAllowedMethods
public void setAllowedMethods(java.util.Set<java.lang.String> allowedMethods)
-
getAllowedHeaders
public java.lang.String[] getAllowedHeaders()
-
getAllowedHeadersString
public java.lang.String getAllowedHeadersString()
-
setAllowedHeaders
public void setAllowedHeaders(java.lang.String allowedHeaders)
-
setAllowedHeaders
public void setAllowedHeaders(java.lang.String[] allowedHeaders)
-
setAllowedHeaders
public void setAllowedHeaders(java.util.Set<java.lang.String> allowedHeaders)
-
getExposedHeaders
public java.lang.String[] getExposedHeaders()
-
getExposedHeadersString
public java.lang.String getExposedHeadersString()
-
setExposedHeaders
public void setExposedHeaders(java.lang.String exposedHeaders)
-
setExposedHeaders
public void setExposedHeaders(java.lang.String[] exposedHeaders)
-
setExposedHeaders
public void setExposedHeaders(java.util.Set<java.lang.String> exposedHeaders)
-
isAllowCredentials
public boolean isAllowCredentials()
-
setAllowCredentials
public void setAllowCredentials(boolean allowCredentials)
-
getMaxAgeSeconds
public int getMaxAgeSeconds()
-
setMaxAgeSeconds
public void setMaxAgeSeconds(int maxAgeSeconds)
-
hasAllowedOrigins
protected boolean hasAllowedOrigins()
-
hasAllowedMethods
protected boolean hasAllowedMethods()
-
hasAllowedHeaders
protected boolean hasAllowedHeaders()
-
hasExposedHeaders
protected boolean hasExposedHeaders()
-
isAllowedOrigin
protected boolean isAllowedOrigin(java.lang.String origin)
Helper method to check whether requests from the specified origin must be allowed.- Parameters:
origin
- The origin as reported by the web client (browser),null
if unknown.- Returns:
true
if the origin is allowed, elsefalse
.
-
isAllowedMethod
protected boolean isAllowedMethod(java.lang.String method)
Helper method to check whether the specified HTTP method is supported. This is done by looking upallowedMethods
. GET and HEAD, must never be disabled and should not return 405 error code.- Parameters:
method
- The HTTP method.- Returns:
true
if the method is supported, elsefalse
.
-
isAllowedHeader
protected boolean isAllowedHeader(java.lang.String header)
Helper method to check whether the specified HTTP header is supported.- Parameters:
header
- the HTTP header- Returns:
true
if the header is supported, elsefalse
.
-
isCorsRequest
protected boolean isCorsRequest(javax.servlet.http.HttpServletRequest request)
Returnstrue
if the request is a valid CORS one.- Parameters:
request
- the http request- Returns:
true
if the request is a valid CORS one, elsefalse
-
isPreFlightRequest
protected boolean isPreFlightRequest(javax.servlet.http.HttpServletRequest request)
Returnstrue
if the request is a valid CORS pre-flight one.- Parameters:
request
- the http request- Returns:
true
if the request is a valid CORS pre-flight one, elsefalse
-
-