Filter
public class CrossOriginFilter extends java.lang.Object implements Filter
A typical example is to use this filter to allow cross-domain cometd communication using the standard long polling transport instead of the JSONP transport (that is less efficient and less reactive to failures).
This filter allows the following configuration parameters:
If an allowed origin contains one or more * characters (for example http://*.domain.com), then "*" characters are converted to ".*", "." characters are escaped to "\." and the resulting allowed origin interpreted as a regular expression.
Allowed origins can therefore be more complex expressions such as https?://*.domain.[a-z]{3} that matches http or https, multiple subdomains and any 3 letter top-level domain (.com, .net, .org, etc.).
The check whether the timing header is set, will be performed only if the user gets general access to the resource using the allowedOrigins.
<web-app ...> ... <filter> <filter-name>cross-origin</filter-name> <filter-class>org.eclipse.jetty.servlets.CrossOriginFilter</filter-class> </filter> <filter-mapping> <filter-name>cross-origin</filter-name> <url-pattern>/cometd/*</url-pattern> </filter-mapping> ... </web-app>
Constructor | Description |
---|---|
CrossOriginFilter() |
Modifier and Type | Method | Description |
---|---|---|
void |
destroy() |
|
void |
doFilter(ServletRequest request,
ServletResponse response,
FilterChain chain) |
|
void |
init(FilterConfig config) |
|
protected boolean |
isEnabled(HttpServletRequest request) |
public static final java.lang.String ACCESS_CONTROL_REQUEST_METHOD_HEADER
public static final java.lang.String ACCESS_CONTROL_REQUEST_HEADERS_HEADER
public static final java.lang.String ACCESS_CONTROL_ALLOW_ORIGIN_HEADER
public static final java.lang.String ACCESS_CONTROL_ALLOW_METHODS_HEADER
public static final java.lang.String ACCESS_CONTROL_ALLOW_HEADERS_HEADER
public static final java.lang.String ACCESS_CONTROL_MAX_AGE_HEADER
public static final java.lang.String ACCESS_CONTROL_ALLOW_CREDENTIALS_HEADER
public static final java.lang.String ACCESS_CONTROL_EXPOSE_HEADERS_HEADER
public static final java.lang.String TIMING_ALLOW_ORIGIN_HEADER
public static final java.lang.String ALLOWED_ORIGINS_PARAM
public static final java.lang.String ALLOWED_TIMING_ORIGINS_PARAM
public static final java.lang.String ALLOWED_METHODS_PARAM
public static final java.lang.String ALLOWED_HEADERS_PARAM
public static final java.lang.String PREFLIGHT_MAX_AGE_PARAM
public static final java.lang.String ALLOW_CREDENTIALS_PARAM
public static final java.lang.String EXPOSED_HEADERS_PARAM
public static final java.lang.String OLD_CHAIN_PREFLIGHT_PARAM
public static final java.lang.String CHAIN_PREFLIGHT_PARAM
public void init(FilterConfig config) throws ServletException
init
in interface Filter
ServletException
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws java.io.IOException, ServletException
doFilter
in interface Filter
java.io.IOException
ServletException
protected boolean isEnabled(HttpServletRequest request)
Copyright © 1995–2018 Webtide. All rights reserved.