public interface CorsHandler extends SecurityPolicyHandler
Modifier and Type | Method and Description |
---|---|
CorsHandler |
addOrigin(String origin)
Add an origin to the list of allowed Origins.
|
CorsHandler |
addOrigins(List<String> origins)
Set the list of allowed origins.
|
CorsHandler |
addRelativeOrigin(String origin)
Add a relative origin to the list of allowed Origins.
|
CorsHandler |
addRelativeOrigins(List<String> origins)
Set the list of allowed relative origins.
|
CorsHandler |
allowCredentials(boolean allow)
Set whether credentials are allowed.
|
CorsHandler |
allowedHeader(String headerName)
Add an allowed header
|
CorsHandler |
allowedHeaders(Set<String> headerNames)
Add a set of allowed headers
|
CorsHandler |
allowedMethod(HttpMethod method)
Add an allowed method
|
CorsHandler |
allowedMethods(Set<HttpMethod> methods)
Add a set of allowed methods
|
CorsHandler |
allowPrivateNetwork(boolean allow)
Set whether access from public to private networks are allowed.
|
static CorsHandler |
create()
Create a empty CORS handler that allows
* origin. |
static CorsHandler |
create(String allowedOriginPattern)
Deprecated.
patterns should use the relative origin method.
Create a CORS handler using a regular expression to match origins. An origin follows rfc6454#section-7
and is expected to have the format:
<scheme> "://" <hostname> [ ":" <port> ] |
CorsHandler |
exposedHeader(String headerName)
Add an exposed header
|
CorsHandler |
exposedHeaders(Set<String> headerNames)
Add a set of exposed headers
|
CorsHandler |
maxAgeSeconds(int maxAgeSeconds)
Set how long the browser should cache the information
|
@Deprecated static CorsHandler create(String allowedOriginPattern)
<scheme> "://" <hostname> [ ":" <port> ]
allowedOriginPattern
- the allowed origin patternstatic CorsHandler create()
*
origin.CorsHandler addOrigin(String origin)
<scheme> "://" <hostname> [ ":" <port> ]
origin
- the well formatted static originCorsHandler addRelativeOrigins(List<String> origins)
<scheme> "://" <hostname> [ ":" <port> ]
.origins
- the well formatted relative origin listCorsHandler addRelativeOrigin(String origin)
<scheme> "://" <hostname> [ ":" <port> ]
.origin
- the well formatted static originCorsHandler addOrigins(List<String> origins)
<scheme> "://" <hostname> [ ":" <port> ]
origins
- the well formatted static origin listCorsHandler allowedMethod(HttpMethod method)
method
- the method to addCorsHandler allowedMethods(Set<HttpMethod> methods)
methods
- the methods to addCorsHandler allowedHeader(String headerName)
headerName
- the allowed header nameCorsHandler allowedHeaders(Set<String> headerNames)
headerNames
- the allowed header namesCorsHandler exposedHeader(String headerName)
headerName
- the exposed header nameCorsHandler exposedHeaders(Set<String> headerNames)
headerNames
- the exposed header namesCorsHandler allowCredentials(boolean allow)
Important note: when responding to a credentialed request, server must specify a domain, and cannot use wild carding.
allow
- true if allowedCorsHandler maxAgeSeconds(int maxAgeSeconds)
maxAgeSeconds
- max age in secondsCorsHandler allowPrivateNetwork(boolean allow)
allow
- true if allowedCopyright © 2023 Eclipse. All rights reserved.