org.apache.pekko.http.cors.scaladsl.settings

Class CorsSettingsImpl

java.lang.Object

org.apache.pekko.http.cors.javadsl.settings.CorsSettings

org.apache.pekko.http.cors.scaladsl.settings.CorsSettings

org.apache.pekko.http.cors.scaladsl.settings.CorsSettingsImpl

All Implemented Interfaces:

java.io.Serializable, scala.Equals, scala.Product

public final class CorsSettingsImpl
extends CorsSettings
implements scala.Product, java.io.Serializable

INTERNAL API

See Also:

Serialized Form

Constructor Summary

Constructors

Constructor and Description
CorsSettingsImpl(boolean allowGenericHttpRequests, boolean allowCredentials, HttpOriginMatcher allowedOrigins, HttpHeaderRange allowedHeaders, scala.collection.immutable.Seq<HttpMethod> allowedMethods, scala.collection.immutable.Seq<java.lang.String> exposedHeaders, scala.Option<java.lang.Object> maxAge)

Method Summary

Modifier and Type	Method and Description
scala.collection.immutable.List<HttpHeader>	actualResponseHeaders(scala.collection.immutable.Seq<HttpOrigin> origins)
boolean	allowCredentials() Indicates whether the resource supports user credentials.
HttpHeaderRange	allowedHeaders() List of request headers that can be used when making an actual request.
scala.collection.immutable.Seq<HttpMethod>	allowedMethods() List of methods that can be used when making an actual request.
HttpOriginMatcher	allowedOrigins() List of origins that the CORS filter must allow.
boolean	allowGenericHttpRequests() If true, allow generic requests (that are outside the scope of the specification) to pass through the directive.
abstract static R	apply(T1 v1, T2 v2, T3 v3, T4 v4, T5 v5, T6 v6, T7 v7)
scala.collection.immutable.Seq<java.lang.String>	exposedHeaders() List of headers (other than simple response headers) that browsers are allowed to access.
scala.Option<java.lang.Object>	maxAge() When set, the amount of seconds the browser is allowed to cache the results of a preflight request.
scala.collection.immutable.List<HttpHeader>	preflightResponseHeaders(scala.collection.immutable.Seq<HttpOrigin> origins, scala.collection.immutable.Seq<java.lang.String> requestHeaders)
java.lang.String	productPrefix()
static java.lang.String	toString()

Methods inherited from class org.apache.pekko.http.cors.scaladsl.settings.CorsSettings

apply, apply, apply, defaultSettings, fromSubConfig, getAllowCredentials, getAllowedHeaders, getAllowedMethods, getAllowedOrigins, getAllowGenericHttpRequests, getExposedHeaders, getMaxAge, prefix, withAllowCredentials, withAllowedHeaders, withAllowedHeaders, withAllowedMethods, withAllowedMethods, withAllowedOrigins, withAllowedOrigins, withAllowGenericHttpRequests, withExposedHeaders, withExposedHeaders, withMaxAge, withMaxAge

Methods inherited from class org.apache.pekko.http.cors.javadsl.settings.CorsSettings

create, create, create

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface scala.Product

$init$, productArity, productElement, productElementName, productElementNames, productIterator

Methods inherited from interface scala.Equals

canEqual, equals

Constructor Detail

CorsSettingsImpl

public CorsSettingsImpl(boolean allowGenericHttpRequests,
                        boolean allowCredentials,
                        HttpOriginMatcher allowedOrigins,
                        HttpHeaderRange allowedHeaders,
                        scala.collection.immutable.Seq<HttpMethod> allowedMethods,
                        scala.collection.immutable.Seq<java.lang.String> exposedHeaders,
                        scala.Option<java.lang.Object> maxAge)

Method Detail

apply

public abstract static R apply(T1 v1,
                               T2 v2,
                               T3 v3,
                               T4 v4,
                               T5 v5,
                               T6 v6,
                               T7 v7)

toString

public static java.lang.String toString()

allowGenericHttpRequests

public boolean allowGenericHttpRequests()

Description copied from class: CorsSettings

If true, allow generic requests (that are outside the scope of the specification) to pass through the directive. Else, strict CORS filtering is applied and any invalid request will be rejected.

Default: true

Specified by:

allowGenericHttpRequests in class CorsSettings

Returns:

(undocumented)

allowCredentials

public boolean allowCredentials()

Description copied from class: CorsSettings

Indicates whether the resource supports user credentials. If true, the header Access-Control-Allow-Credentials is set in the response, indicating that the actual request can include user credentials. Examples of user credentials are: cookies, HTTP authentication or client-side certificates.

Default: true

Specified by:

allowCredentials in class CorsSettings

Returns:

(undocumented)

See Also:

https://www.w3.org/TR/cors/#access-control-allow-credentials-response-header Access-Control-Allow-Credentials}

allowedOrigins

public HttpOriginMatcher allowedOrigins()

Description copied from class: CorsSettings

List of origins that the CORS filter must allow. Can also be set to * to allow access to the resource from any origin. Controls the content of the Access-Control-Allow-Origin response header: if parameter is * and credentials are not allowed, a * is set in Access-Control-Allow-Origin. Otherwise, the origins given in the Origin request header are echoed.

Hostname starting with *. will match any sub-domain. The scheme and the port are always strictly matched.

The actual or preflight request is rejected if any of the origins from the request is not allowed.

Default: HttpOriginMatcher.*

Specified by:

allowedOrigins in class CorsSettings

Returns:

(undocumented)

See Also:

https://www.w3.org/TR/cors/#access-control-allow-origin-response-header Access-Control-Allow-Origin}

allowedHeaders

public HttpHeaderRange allowedHeaders()

Description copied from class: CorsSettings

List of request headers that can be used when making an actual request. Controls the content of the Access-Control-Allow-Headers header in a preflight response: if parameter is *, the headers from Access-Control-Request-Headers are echoed. Otherwise the parameter list is returned as part of the header.

Default: HttpHeaderRange.*

Specified by:

allowedHeaders in class CorsSettings

Returns:

(undocumented)

See Also:

https://www.w3.org/TR/cors/#access-control-allow-headers-response-header Access-Control-Allow-Headers}

allowedMethods

public scala.collection.immutable.Seq<HttpMethod> allowedMethods()

Description copied from class: CorsSettings

List of methods that can be used when making an actual request. The list is returned as part of the Access-Control-Allow-Methods preflight response header.

The preflight request will be rejected if the Access-Control-Request-Method header's method is not part of the list.

Default: Seq(GET, POST, HEAD, OPTIONS)

Specified by:

allowedMethods in class CorsSettings

Returns:

(undocumented)

See Also:

https://www.w3.org/TR/cors/#access-control-allow-methods-response-header Access-Control-Allow-Methods}

exposedHeaders

public scala.collection.immutable.Seq<java.lang.String> exposedHeaders()

Description copied from class: CorsSettings

List of headers (other than simple response headers) that browsers are allowed to access. If not empty, this list is returned as part of the Access-Control-Expose-Headers header in the actual response.

Default: Seq.empty

Specified by:

exposedHeaders in class CorsSettings

Returns:

(undocumented)

See Also:

https://www.w3.org/TR/cors/#simple-response-header Simple response headers}, https://www.w3.org/TR/cors/#access-control-expose-headers-response-header Access-Control-Expose-Headers}

maxAge

public scala.Option<java.lang.Object> maxAge()

Description copied from class: CorsSettings

When set, the amount of seconds the browser is allowed to cache the results of a preflight request. This value is returned as part of the Access-Control-Max-Age preflight response header. If None, the header is not added to the preflight response.

Default: Some(30 * 60)

Specified by:

maxAge in class CorsSettings

Returns:

(undocumented)

See Also:

https://www.w3.org/TR/cors/#access-control-max-age-response-header Access-Control-Max-Age}

productPrefix

public java.lang.String productPrefix()

Specified by:

productPrefix in interface scala.Product

preflightResponseHeaders

public scala.collection.immutable.List<HttpHeader> preflightResponseHeaders(scala.collection.immutable.Seq<HttpOrigin> origins,
                                                                            scala.collection.immutable.Seq<java.lang.String> requestHeaders)

Specified by:

preflightResponseHeaders in class CorsSettings

actualResponseHeaders

public scala.collection.immutable.List<HttpHeader> actualResponseHeaders(scala.collection.immutable.Seq<HttpOrigin> origins)

Specified by:

actualResponseHeaders in class CorsSettings