this.cors.configure(this);
@Test public void corsWhenEnabledThenAccessControlAllowOriginAndSecurityHeaders() { this.http.cors().configurationSource(this.source); this.expectedHeaders.set("Access-Control-Allow-Origin", "*"); this.expectedHeaders.set("X-Frame-Options", "DENY"); assertHeaders(); }
this.cors.configure(this);
public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { log.info("Configuring SecurityWebFilterChain ..."); formLogin(http); // Configure form login authorizeExchange(http); // configure authorization oauth2Login(http); // configure OAuth2 login return http .securityContextRepository(NoOpServerSecurityContextRepository.getInstance()) .exceptionHandling() .accessDeniedHandler(accessDeniedHandler()) .authenticationEntryPoint(authenticationEntryPoint()) .and() .cors() .and() .csrf().disable() .addFilterAt(tokenAuthenticationFilter(), SecurityWebFiltersOrder.AUTHENTICATION) .logout().disable() .build(); }
protected void configure(ServerHttpSecurity http) { CorsWebFilter corsFilter = getCorsFilter(); if (corsFilter != null) { http.addFilterAt(this.corsFilter, SecurityWebFiltersOrder.CORS); } }
/** * Configures CORS headers. By default if a {@link CorsConfigurationSource} Bean is found, it will be used * to create a {@link CorsWebFilter}. If {@link CorsSpec#configurationSource(CorsConfigurationSource)} is invoked * it will be used instead. If neither has been configured, the Cors configuration will do nothing. * @return the {@link CorsSpec} to customize */ public CorsSpec cors() { if (this.cors == null) { this.cors = new CorsSpec(); } return this.cors; }
this.cors.configure(this);
protected void configure(ServerHttpSecurity http) { CorsWebFilter corsFilter = getCorsFilter(); if (corsFilter != null) { http.addFilterAt(this.corsFilter, SecurityWebFiltersOrder.CORS); } }
/** * Configures CORS headers. By default if a {@link CorsConfigurationSource} Bean is found, it will be used * to create a {@link CorsWebFilter}. If {@link CorsSpec#configurationSource(CorsConfigurationSource)} is invoked * it will be used instead. If neither has been configured, the Cors configuration will do nothing. * @return the {@link CorsSpec} to customize */ public CorsSpec cors() { if (this.cors == null) { this.cors = new CorsSpec(); } return this.cors; }
/** * Configures CORS headers. By default if a {@link CorsConfigurationSource} Bean is found, it will be used * to create a {@link CorsWebFilter}. If {@link CorsSpec#configurationSource(CorsConfigurationSource)} is invoked * it will be used instead. If neither has been configured, the Cors configuration will do nothing. * @return the {@link CorsSpec} to customize */ public CorsSpec cors() { if (this.cors == null) { this.cors = new CorsSpec(); } return this.cors; }
protected void configure(ServerHttpSecurity http) { CorsWebFilter corsFilter = getCorsFilter(); if (corsFilter != null) { http.addFilterAt(this.corsFilter, SecurityWebFiltersOrder.CORS); } }