javax.servlet.Filter
public class CrossOriginFilter
extends java.lang.Object
implements javax.servlet.Filter
A typical example is to use this filter to allow cross-domain cometd communication using the standard long polling transport instead of the JSONP transport (that is less efficient and less reactive to failures).
This filter allows the following configuration parameters:
If an allowed origin contains one or more * characters (for example http://*.domain.com), then "*" characters are converted to ".*", "." characters are escaped to "\." and the resulting allowed origin interpreted as a regular expression.
Allowed origins can therefore be more complex expressions such as https?://*.domain.[a-z]{3} that matches http or https, multiple subdomains and any 3 letter top-level domain (.com, .net, .org, etc.).
The check whether the timing header is set, will be performed only if the user gets general access to the resource using the allowedOrigins.
<web-app ...> ... <filter> <filter-name>cross-origin</filter-name> <filter-class>org.eclipse.jetty.servlets.CrossOriginFilter</filter-class> </filter> <filter-mapping> <filter-name>cross-origin</filter-name> <url-pattern>/cometd/*</url-pattern> </filter-mapping> ... </web-app>
Constructor | Description |
---|---|
CrossOriginFilter() |
Modifier and Type | Method | Description |
---|---|---|
void |
destroy() |
|
void |
doFilter(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
javax.servlet.FilterChain chain) |
|
void |
init(javax.servlet.FilterConfig config) |
|
protected boolean |
isEnabled(javax.servlet.http.HttpServletRequest request) |
public static final java.lang.String ACCESS_CONTROL_REQUEST_METHOD_HEADER
public static final java.lang.String ACCESS_CONTROL_REQUEST_HEADERS_HEADER
public static final java.lang.String ACCESS_CONTROL_ALLOW_ORIGIN_HEADER
public static final java.lang.String ACCESS_CONTROL_ALLOW_METHODS_HEADER
public static final java.lang.String ACCESS_CONTROL_ALLOW_HEADERS_HEADER
public static final java.lang.String ACCESS_CONTROL_MAX_AGE_HEADER
public static final java.lang.String ACCESS_CONTROL_ALLOW_CREDENTIALS_HEADER
public static final java.lang.String ACCESS_CONTROL_EXPOSE_HEADERS_HEADER
public static final java.lang.String TIMING_ALLOW_ORIGIN_HEADER
public static final java.lang.String ALLOWED_ORIGINS_PARAM
public static final java.lang.String ALLOWED_TIMING_ORIGINS_PARAM
public static final java.lang.String ALLOWED_METHODS_PARAM
public static final java.lang.String ALLOWED_HEADERS_PARAM
public static final java.lang.String PREFLIGHT_MAX_AGE_PARAM
public static final java.lang.String ALLOW_CREDENTIALS_PARAM
public static final java.lang.String EXPOSED_HEADERS_PARAM
public static final java.lang.String OLD_CHAIN_PREFLIGHT_PARAM
public static final java.lang.String CHAIN_PREFLIGHT_PARAM
public void init(javax.servlet.FilterConfig config) throws javax.servlet.ServletException
init
in interface javax.servlet.Filter
javax.servlet.ServletException
public void doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain) throws java.io.IOException, javax.servlet.ServletException
doFilter
in interface javax.servlet.Filter
java.io.IOException
javax.servlet.ServletException
protected boolean isEnabled(javax.servlet.http.HttpServletRequest request)
public void destroy()
destroy
in interface javax.servlet.Filter
Copyright © 1995–2017 Webtide. All rights reserved.