Package org.apache.pekko.http.cors.scaladsl.settings

Class CorsSettingsImpl

java.lang.Object
org.apache.pekko.http.cors.javadsl.settings.CorsSettings
org.apache.pekko.http.cors.scaladsl.settings.CorsSettings
org.apache.pekko.http.cors.scaladsl.settings.CorsSettingsImpl
All Implemented Interfaces:
Serializable, scala.Equals, scala.Product
public final class CorsSettingsImpl extends CorsSettings implements scala.Product, Serializable
INTERNAL API
See Also:

  • Constructor Details

    • CorsSettingsImpl

      public CorsSettingsImpl(boolean allowGenericHttpRequests, boolean allowCredentials, HttpOriginMatcher allowedOrigins, HttpHeaderRange allowedHeaders, scala.collection.immutable.Seq<HttpMethod> allowedMethods, scala.collection.immutable.Seq<String> exposedHeaders, scala.Option<Object> maxAge)

  • Method Details

    • apply

      public abstract static R apply(T1 v1, T2 v2, T3 v3, T4 v4, T5 v5, T6 v6, T7 v7)

    • toString

      public static String toString()

    • allowGenericHttpRequests

      public boolean allowGenericHttpRequests()
      Description copied from class: CorsSettings
      If true, allow generic requests (that are outside the scope of the specification) to pass through the directive. Else, strict CORS filtering is applied and any invalid request will be rejected.

      Default: true

      Specified by:
      allowGenericHttpRequests in class CorsSettings
      Returns:
      (undocumented)

    • allowCredentials

      public boolean allowCredentials()
      Description copied from class: CorsSettings
      Indicates whether the resource supports user credentials. If true, the header Access-Control-Allow-Credentials is set in the response, indicating that the actual request can include user credentials. Examples of user credentials are: cookies, HTTP authentication or client-side certificates.

      Default: true

      Specified by:
      allowCredentials in class CorsSettings
      Returns:
      (undocumented)

    • allowedOrigins

      public HttpOriginMatcher allowedOrigins()
      Description copied from class: CorsSettings
      List of origins that the CORS filter must allow. Can also be set to * to allow access to the resource from any origin. Controls the content of the Access-Control-Allow-Origin response header: if parameter is * and credentials are not allowed, a * is set in Access-Control-Allow-Origin. Otherwise, the origins given in the Origin request header are echoed.

      Hostname starting with *. will match any sub-domain. The scheme and the port are always strictly matched.

      The actual or preflight request is rejected if any of the origins from the request is not allowed.

      Default: HttpOriginMatcher.*

      Specified by:
      allowedOrigins in class CorsSettings
      Returns:
      (undocumented)

    • allowedHeaders

      public HttpHeaderRange allowedHeaders()
      Description copied from class: CorsSettings
      List of request headers that can be used when making an actual request. Controls the content of the Access-Control-Allow-Headers header in a preflight response: if parameter is *, the headers from Access-Control-Request-Headers are echoed. Otherwise the parameter list is returned as part of the header.

      Default: HttpHeaderRange.*

      Specified by:
      allowedHeaders in class CorsSettings
      Returns:
      (undocumented)

    • allowedMethods

      public scala.collection.immutable.Seq<HttpMethod> allowedMethods()
      Description copied from class: CorsSettings
      List of methods that can be used when making an actual request. The list is returned as part of the Access-Control-Allow-Methods preflight response header.

      The preflight request will be rejected if the Access-Control-Request-Method header's method is not part of the list.

      Default: Seq(GET, POST, HEAD, OPTIONS)

      Specified by:
      allowedMethods in class CorsSettings
      Returns:
      (undocumented)

    • exposedHeaders

      public scala.collection.immutable.Seq<String> exposedHeaders()
      Description copied from class: CorsSettings
      List of headers (other than simple response headers) that browsers are allowed to access. If not empty, this list is returned as part of the Access-Control-Expose-Headers header in the actual response.

      Default: Seq.empty

      Specified by:
      exposedHeaders in class CorsSettings
      Returns:
      (undocumented)

    • maxAge

      public scala.Option<Object> maxAge()
      Description copied from class: CorsSettings
      When set, the amount of seconds the browser is allowed to cache the results of a preflight request. This value is returned as part of the Access-Control-Max-Age preflight response header. If None, the header is not added to the preflight response.

      Default: Some(30 * 60)

      Specified by:
      maxAge in class CorsSettings
      Returns:
      (undocumented)

    • productPrefix

      public String productPrefix()
      Specified by:
      productPrefix in interface scala.Product

    • preflightResponseHeaders

      public scala.collection.immutable.List<HttpHeader> preflightResponseHeaders(scala.collection.immutable.Seq<HttpOrigin> origins, scala.collection.immutable.Seq<String> requestHeaders)
      Specified by:
      preflightResponseHeaders in class CorsSettings

    • actualResponseHeaders

      public scala.collection.immutable.List<HttpHeader> actualResponseHeaders(scala.collection.immutable.Seq<HttpOrigin> origins)
      Specified by:
      actualResponseHeaders in class CorsSettings