public final class CorsConfig extends Object
Modifier and Type | Class and Description |
---|---|
static class |
CorsConfig.Builder
Deprecated.
Use
CorsConfigBuilder instead. |
static class |
CorsConfig.DateValueGenerator
Deprecated.
Removed without alternatives.
|
Modifier and Type | Method and Description |
---|---|
Set<String> |
allowedRequestHeaders()
Returns the allowed set of Request Headers.
|
Set<HttpMethod> |
allowedRequestMethods()
Returns the allowed set of Request Methods.
|
Set<String> |
exposedHeaders()
Returns a set of headers to be exposed to calling clients.
|
boolean |
isAnyOriginSupported()
Determines whether a wildcard origin, '*', is supported.
|
boolean |
isCorsSupportEnabled()
Determines if support for CORS is enabled.
|
boolean |
isCredentialsAllowed()
Determines if cookies are supported for CORS requests.
|
boolean |
isNullOriginAllowed()
Web browsers may set the 'Origin' request header to 'null' if a resource is loaded
from the local file system.
|
boolean |
isPrivateNetworkAllowed()
Web browsers may set the 'Access-Control-Request-Private-Network' request header if a resource is loaded
from a local network.
|
boolean |
isShortCircuit()
Determines whether a CORS request should be rejected if it's invalid before being
further processing.
|
boolean |
isShortCurcuit()
Deprecated.
Use
isShortCircuit() instead. |
long |
maxAge()
Gets the maxAge setting.
|
String |
origin()
Returns the allowed origin.
|
Set<String> |
origins()
Returns the set of allowed origins.
|
HttpHeaders |
preflightResponseHeaders()
Returns HTTP response headers that should be added to a CORS preflight response.
|
String |
toString() |
static CorsConfig.Builder |
withAnyOrigin()
Deprecated.
Use
CorsConfigBuilder.forAnyOrigin() instead. |
static CorsConfig.Builder |
withOrigin(String origin)
Deprecated.
Use
CorsConfigBuilder.forOrigin(String) instead. |
static CorsConfig.Builder |
withOrigins(String... origins)
Deprecated.
Use
CorsConfigBuilder.forOrigins(String...) instead. |
public boolean isCorsSupportEnabled()
true
if support for CORS is enabled, false otherwise.public boolean isAnyOriginSupported()
boolean
true if any origin is allowed.public String origin()
public Set<String> origins()
Set
the allowed origins.public boolean isNullOriginAllowed()
true
if a 'null' origin should be supported.public boolean isPrivateNetworkAllowed()
true
if private network access should be allowed.public Set<String> exposedHeaders()
xhr.getResponseHeader("Content-Type");The headers that are available by default are:
List<String>
a list of the headers to expose.public boolean isCredentialsAllowed()
xhr.withCredentials = true;The default value for 'withCredentials' is false in which case no cookies are sent. Setting this to true will included cookies in cross origin requests.
true
if cookies are supported.public long maxAge()
long
the time in seconds that a preflight request may be cached.public Set<HttpMethod> allowedRequestMethods()
Set
of HttpMethod
s that represent the allowed Request Methods.public Set<String> allowedRequestHeaders()
Set<String>
of strings that represent the allowed Request Headers.public HttpHeaders preflightResponseHeaders()
HttpHeaders
the HTTP response headers to be added.public boolean isShortCircuit()
true
if a CORS request should short-circuit upon receiving an invalid Origin header.@Deprecated public boolean isShortCurcuit()
isShortCircuit()
instead.@Deprecated public static CorsConfig.Builder withAnyOrigin()
CorsConfigBuilder.forAnyOrigin()
instead.@Deprecated public static CorsConfig.Builder withOrigin(String origin)
CorsConfigBuilder.forOrigin(String)
instead.@Deprecated public static CorsConfig.Builder withOrigins(String... origins)
CorsConfigBuilder.forOrigins(String...)
instead.Copyright © 2008–2024 The Netty Project. All rights reserved.