Package org.jboss.resteasy.plugins.interceptors

Class CorsFilter

java.lang.Object
org.jboss.resteasy.plugins.interceptors.CorsFilter
All Implemented Interfaces:
ContainerRequestFilter, ContainerResponseFilter
@PreMatching public class CorsFilter extends Object implements ContainerRequestFilter, ContainerResponseFilter
Handles CORS requests both preflight and simple CORS requests. You must bind this as a singleton and set up allowedOrigins and other settings to use.
Version:
$Revision: 1 $
Author:
Bill Burke

  • Field Details

    • allowCredentials

      protected boolean allowCredentials

    • allowedMethods

      protected String allowedMethods

    • allowedHeaders

      protected String allowedHeaders

    • exposedHeaders

      protected String exposedHeaders

    • corsMaxAge

      protected int corsMaxAge

    • allowedOrigins

      protected Set<String> allowedOrigins

  • Constructor Details

    • CorsFilter

      public CorsFilter()

  • Method Details

    • getAllowedOrigins

      public Set<String> getAllowedOrigins()
      Put "*" if you want to accept all origins.
      Returns:
      allowed origins

    • isAllowCredentials

      public boolean isAllowCredentials()
      Defaults to true.
      Returns:
      allow credentials

    • setAllowCredentials

      public void setAllowCredentials(boolean allowCredentials)

    • getAllowedMethods

      public String getAllowedMethods()
      Will allow all by default.
      Returns:
      allowed methods

    • setAllowedMethods

      public void setAllowedMethods(String allowedMethods)
      Will allow all by default comma delimited string for Access-Control-Allow-Methods.
      Parameters:
      allowedMethods - allowed methods

    • getAllowedHeaders

      public String getAllowedHeaders()

    • setAllowedHeaders

      public void setAllowedHeaders(String allowedHeaders)
      Will allow all by default comma delimited string for Access-Control-Allow-Headers.
      Parameters:
      allowedHeaders - allowed headers

    • getCorsMaxAge

      public int getCorsMaxAge()

    • setCorsMaxAge

      public void setCorsMaxAge(int corsMaxAge)

    • getExposedHeaders

      public String getExposedHeaders()

    • setExposedHeaders

      public void setExposedHeaders(String exposedHeaders)
      Comma delimited list.
      Parameters:
      exposedHeaders - exposed headers

    • filter

      public void filter(ContainerRequestContext requestContext) throws IOException
      Description copied from interface: ContainerRequestFilter
      Filter method called before a request has been dispatched to a resource.

      Filters in the filter chain are ordered according to their jakarta.annotation.Priority class-level annotation value. If a request filter produces a response by calling ContainerRequestContext.abortWith(jakarta.ws.rs.core.Response) method, the execution of the (either pre-match or post-match) request filter chain is stopped and the response is passed to the corresponding response filter chain (either pre-match or post-match). For example, a pre-match caching filter may produce a response in this way, which would effectively skip any post-match request filters as well as post-match response filters. Note however that a responses produced in this manner would still be processed by the pre-match response filter chain.

      Specified by:
      filter in interface ContainerRequestFilter
      Parameters:
      requestContext - request context.
      Throws:
      IOException - if an I/O exception occurs.
      See Also:

    • filter

      public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException
      Description copied from interface: ContainerResponseFilter
      Filter method called after a response has been provided for a request (either by a request filter or by a matched resource method.

      Filters in the filter chain are ordered according to their jakarta.annotation.Priority class-level annotation value.

      Specified by:
      filter in interface ContainerResponseFilter
      Parameters:
      requestContext - request context.
      responseContext - response context.
      Throws:
      IOException - if an I/O exception occurs.

    • preflight

      protected void preflight(String origin, ContainerRequestContext requestContext) throws IOException
      Throws:
      IOException

    • checkOrigin

      protected void checkOrigin(ContainerRequestContext requestContext, String origin)