public final class CorsSettingsImpl extends CorsSettings implements scala.Product, java.io.Serializable
Constructor and Description |
---|
CorsSettingsImpl(boolean allowGenericHttpRequests,
boolean allowCredentials,
HttpOriginMatcher allowedOrigins,
HttpHeaderRange allowedHeaders,
scala.collection.immutable.Seq<HttpMethod> allowedMethods,
scala.collection.immutable.Seq<java.lang.String> exposedHeaders,
scala.Option<java.lang.Object> maxAge) |
Modifier and Type | Method and Description |
---|---|
scala.collection.immutable.List<HttpHeader> |
actualResponseHeaders(scala.collection.immutable.Seq<HttpOrigin> origins) |
boolean |
allowCredentials()
Indicates whether the resource supports user credentials.
|
HttpHeaderRange |
allowedHeaders()
List of request headers that can be used when making an actual request.
|
scala.collection.immutable.Seq<HttpMethod> |
allowedMethods()
List of methods that can be used when making an actual request.
|
HttpOriginMatcher |
allowedOrigins()
List of origins that the CORS filter must allow.
|
boolean |
allowGenericHttpRequests()
If
true , allow generic requests (that are outside the scope of the specification) to pass through the directive. |
abstract static R |
apply(T1 v1,
T2 v2,
T3 v3,
T4 v4,
T5 v5,
T6 v6,
T7 v7) |
scala.collection.immutable.Seq<java.lang.String> |
exposedHeaders()
List of headers (other than simple response headers) that browsers are allowed to access.
|
scala.Option<java.lang.Object> |
maxAge()
When set, the amount of seconds the browser is allowed to cache the results of a preflight request.
|
scala.collection.immutable.List<HttpHeader> |
preflightResponseHeaders(scala.collection.immutable.Seq<HttpOrigin> origins,
scala.collection.immutable.Seq<java.lang.String> requestHeaders) |
java.lang.String |
productPrefix() |
static java.lang.String |
toString() |
apply, apply, apply, defaultSettings, fromSubConfig, getAllowCredentials, getAllowedHeaders, getAllowedMethods, getAllowedOrigins, getAllowGenericHttpRequests, getExposedHeaders, getMaxAge, prefix, withAllowCredentials, withAllowedHeaders, withAllowedHeaders, withAllowedMethods, withAllowedMethods, withAllowedOrigins, withAllowedOrigins, withAllowGenericHttpRequests, withExposedHeaders, withExposedHeaders, withMaxAge, withMaxAge
create, create, create
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
public CorsSettingsImpl(boolean allowGenericHttpRequests, boolean allowCredentials, HttpOriginMatcher allowedOrigins, HttpHeaderRange allowedHeaders, scala.collection.immutable.Seq<HttpMethod> allowedMethods, scala.collection.immutable.Seq<java.lang.String> exposedHeaders, scala.Option<java.lang.Object> maxAge)
public abstract static R apply(T1 v1, T2 v2, T3 v3, T4 v4, T5 v5, T6 v6, T7 v7)
public static java.lang.String toString()
public boolean allowGenericHttpRequests()
CorsSettings
true
, allow generic requests (that are outside the scope of the specification) to pass through the directive.
Else, strict CORS filtering is applied and any invalid request will be rejected.
Default: true
allowGenericHttpRequests
in class CorsSettings
public boolean allowCredentials()
CorsSettings
true
, the header Access-Control-Allow-Credentials
is set in the response, indicating that the actual request can include user credentials. Examples of user
credentials are: cookies, HTTP authentication or client-side certificates.
Default: true
allowCredentials
in class CorsSettings
https://www.w3.org/TR/cors/#access-control-allow-credentials-response-header Access-Control-Allow-Credentials}
public HttpOriginMatcher allowedOrigins()
CorsSettings
*
to allow access to the resource from any
origin. Controls the content of the Access-Control-Allow-Origin
response header: if parameter is *
and
credentials are not allowed, a *
is set in Access-Control-Allow-Origin
. Otherwise, the origins given in the
Origin
request header are echoed.
Hostname starting with *.
will match any sub-domain. The scheme and the port are always strictly matched.
The actual or preflight request is rejected if any of the origins from the request is not allowed.
Default: HttpOriginMatcher.*
allowedOrigins
in class CorsSettings
https://www.w3.org/TR/cors/#access-control-allow-origin-response-header Access-Control-Allow-Origin}
public HttpHeaderRange allowedHeaders()
CorsSettings
Access-Control-Allow-Headers
header in a preflight response: if parameter is *
, the headers from
Access-Control-Request-Headers
are echoed. Otherwise the parameter list is returned as part of the header.
Default: HttpHeaderRange.*
allowedHeaders
in class CorsSettings
https://www.w3.org/TR/cors/#access-control-allow-headers-response-header Access-Control-Allow-Headers}
public scala.collection.immutable.Seq<HttpMethod> allowedMethods()
CorsSettings
Access-Control-Allow-Methods
preflight response header.
The preflight request will be rejected if the Access-Control-Request-Method
header's method is not part of the
list.
Default: Seq(GET, POST, HEAD, OPTIONS)
allowedMethods
in class CorsSettings
https://www.w3.org/TR/cors/#access-control-allow-methods-response-header Access-Control-Allow-Methods}
public scala.collection.immutable.Seq<java.lang.String> exposedHeaders()
CorsSettings
Access-Control-Expose-Headers
header in the actual response.
Default: Seq.empty
exposedHeaders
in class CorsSettings
https://www.w3.org/TR/cors/#simple-response-header Simple response headers}
,
https://www.w3.org/TR/cors/#access-control-expose-headers-response-header Access-Control-Expose-Headers}
public scala.Option<java.lang.Object> maxAge()
CorsSettings
Access-Control-Max-Age
preflight response header. If None
, the header is not added to
the preflight response.
Default: Some(30 * 60)
maxAge
in class CorsSettings
https://www.w3.org/TR/cors/#access-control-max-age-response-header Access-Control-Max-Age}
public java.lang.String productPrefix()
productPrefix
in interface scala.Product
public scala.collection.immutable.List<HttpHeader> preflightResponseHeaders(scala.collection.immutable.Seq<HttpOrigin> origins, scala.collection.immutable.Seq<java.lang.String> requestHeaders)
preflightResponseHeaders
in class CorsSettings
public scala.collection.immutable.List<HttpHeader> actualResponseHeaders(scala.collection.immutable.Seq<HttpOrigin> origins)
actualResponseHeaders
in class CorsSettings