/** * Set the HTTP methods to allow, e.g. {@code "GET"}, {@code "POST"}, etc. * The special value {@code "*"} allows all methods. * <p>By default "simple" methods, i.e. {@code GET}, {@code HEAD}, and * {@code POST} are allowed. */ public CorsRegistration allowedMethods(String... methods) { this.config.setAllowedMethods(Arrays.asList(methods)); return this; }
/** * Set the HTTP methods to allow, e.g. {@code "GET"}, {@code "POST"}, etc. * <p>The special value {@code "*"} allows all methods. * <p>By default "simple" methods {@code GET}, {@code HEAD}, and {@code POST} * are allowed. */ public CorsRegistration allowedMethods(String... methods) { this.config.setAllowedMethods(new ArrayList<>(Arrays.asList(methods))); return this; }
/** * Set the HTTP methods to allow, e.g. {@code "GET"}, {@code "POST"}, etc. * The special value {@code "*"} allows all methods. * <p>By default "simple" methods, i.e. {@code GET}, {@code HEAD}, and * {@code POST} are allowed. */ public CorsRegistration allowedMethods(String... methods) { this.config.setAllowedMethods(Arrays.asList(methods)); return this; }
/** * Add an HTTP method to allow. */ public void addAllowedMethod(String method) { if (StringUtils.hasText(method)) { if (this.allowedMethods == null) { this.allowedMethods = new ArrayList<>(4); this.resolvedMethods = new ArrayList<>(4); } else if (this.allowedMethods == DEFAULT_PERMIT_METHODS) { setAllowedMethods(DEFAULT_PERMIT_METHODS); } this.allowedMethods.add(method); if (ALL.equals(method)) { this.resolvedMethods = null; } else if (this.resolvedMethods != null) { this.resolvedMethods.add(HttpMethod.resolve(method)); } } }
/** * Add an HTTP method to allow. */ public void addAllowedMethod(String method) { if (StringUtils.hasText(method)) { if (this.allowedMethods == null) { this.allowedMethods = new ArrayList<>(4); this.resolvedMethods = new ArrayList<>(4); } else if (this.allowedMethods == DEFAULT_PERMIT_METHODS) { setAllowedMethods(DEFAULT_PERMIT_METHODS); } this.allowedMethods.add(method); if (ALL.equals(method)) { this.resolvedMethods = null; } else if (this.resolvedMethods != null) { this.resolvedMethods.add(HttpMethod.resolve(method)); } } }
config.setAllowedMethods(Arrays.asList(allowedMethods));
@Bean CorsConfigurationSource corsConfigurationSource() { CorsConfiguration configuration = new CorsConfiguration(); configuration.setAllowedMethods(Arrays.asList("HEAD", "GET")); UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); source.registerCorsConfiguration("/process-groups/*/templates/upload", configuration); return source; }
config.setAllowedMethods(Arrays.asList(allowedMethods));
@Before public void setup() throws Exception { config.setAllowedOrigins(Arrays.asList("http://domain1.com", "http://domain2.com")); config.setAllowedMethods(Arrays.asList("GET", "POST")); config.setAllowedHeaders(Arrays.asList("header1", "header2")); config.setExposedHeaders(Arrays.asList("header3", "header4")); config.setMaxAge(123L); config.setAllowCredentials(false); filter = new CorsFilter(r -> config); }
@Bean public CorsFilter corsFilter() { final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); final CorsConfiguration config = new CorsConfiguration(); config.setAllowCredentials(true); //是否支持 cookie 跨域 config.setAllowedHeaders(Arrays.asList("*")); config.setAllowedOrigins(Arrays.asList("*")); config.setAllowedMethods(Arrays.asList("*")); config.setMaxAge(300l); //缓存时间。在这个时间段内,相同的跨域请求将不再检查 source.registerCorsConfiguration("/**", config); return new CorsFilter(source); } }
@Before public void setup() throws Exception { config.setAllowedOrigins(Arrays.asList("http://domain1.com", "http://domain2.com")); config.setAllowedMethods(Arrays.asList("GET", "POST")); config.setAllowedHeaders(Arrays.asList("header1", "header2")); config.setExposedHeaders(Arrays.asList("header3", "header4")); config.setMaxAge(123L); config.setAllowCredentials(false); filter = new CorsWebFilter(r -> config); }
MyCorsConfigurationSource() { CorsConfiguration configuration = new CorsConfiguration(); configuration.setAllowedOrigins(Arrays.asList("*")); configuration.setAllowedMethods(Arrays.asList(RequestMethod.GET.name(), RequestMethod.POST.name())); super.registerCorsConfiguration( "/**", configuration); } }
@Test public void checkMethodNotAllowed() { CorsConfiguration config = new CorsConfiguration(); assertNull(config.checkHttpMethod(null)); assertNull(config.checkHttpMethod(HttpMethod.DELETE)); config.setAllowedMethods(new ArrayList<>()); assertNull(config.checkHttpMethod(HttpMethod.POST)); }
config.setAllowedMethods(combine(getAllowedMethods(), other.getAllowedMethods())); config.setAllowedHeaders(combine(getAllowedHeaders(), other.getAllowedHeaders())); config.setExposedHeaders(combine(getExposedHeaders(), other.getExposedHeaders()));
config.setAllowedMethods(combine(getAllowedMethods(), other.getAllowedMethods())); config.setAllowedHeaders(combine(getAllowedHeaders(), other.getAllowedHeaders())); config.setExposedHeaders(combine(getExposedHeaders(), other.getExposedHeaders()));
@Test public void setNullValues() { CorsConfiguration config = new CorsConfiguration(); config.setAllowedOrigins(null); assertNull(config.getAllowedOrigins()); config.setAllowedHeaders(null); assertNull(config.getAllowedHeaders()); config.setAllowedMethods(null); assertNull(config.getAllowedMethods()); config.setExposedHeaders(null); assertNull(config.getExposedHeaders()); config.setAllowCredentials(null); assertNull(config.getAllowCredentials()); config.setMaxAge(null); assertNull(config.getMaxAge()); }
private static CorsConfiguration createDefaultCorsConfig() { CorsConfiguration retVal = new CorsConfiguration(); retVal.setAllowedHeaders(new ArrayList<>(Constants.CORS_ALLOWED_HEADERS)); retVal.setAllowedMethods(new ArrayList<>(Constants.CORS_ALLWED_METHODS)); retVal.addExposedHeader("Content-Location"); retVal.addExposedHeader("Location"); retVal.addAllowedOrigin("*"); return retVal; }
config.setAllowedMethods(Arrays .asList(StringUtils.split(configData.get(CONFIG_ALLOWED_METHODS), CommonConstants.COMMA_DELIMITED)));
private static UrlBasedCorsConfigurationSource configurationSource() { CorsConfiguration config = new CorsConfiguration(); config.setAllowCredentials(true); config.addAllowedOrigin("*"); config.addAllowedHeader("*"); config.setMaxAge(36000L); config.setAllowedMethods(Arrays.asList("GET", "HEAD", "POST", "PUT", "DELETE", "OPTIONS")); UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); source.registerCorsConfiguration("/api/**", config); return source; } }
@Override protected void initialize() throws ServletException { // ... define your resource providers here ... // Define your CORS configuration. This is an example // showing a typical setup. You should customize this // to your specific needs CorsConfiguration config = new CorsConfiguration(); config.addAllowedHeader("x-fhir-starter"); config.addAllowedHeader("Origin"); config.addAllowedHeader("Accept"); config.addAllowedHeader("X-Requested-With"); config.addAllowedHeader("Content-Type"); config.addAllowedOrigin("*"); config.addExposedHeader("Location"); config.addExposedHeader("Content-Location"); config.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "DELETE", "OPTIONS", "PATCH")); // Create the interceptor and register it CorsInterceptor interceptor = new CorsInterceptor(config); registerInterceptor(interceptor); }