Class CorsHandlerHelperImpl
- java.lang.Object
-
- org.apache.tapestry5.http.internal.services.CorsHandlerHelperImpl
-
- All Implemented Interfaces:
CorsHandlerHelper
public class CorsHandlerHelperImpl extends java.lang.Object implements CorsHandlerHelper
DefaultCorsHandlerHelper
implementation.- Since:
- 5.8.2
- See Also:
CorsHandler
,TapestryHttpSymbolConstants.CORS_ENABLED
,TapestryHttpSymbolConstants.CORS_ALLOWED_ORIGINS
-
-
Field Summary
-
Fields inherited from interface org.apache.tapestry5.http.services.CorsHandlerHelper
ALLOW_CREDENTIALS_HEADER, ALLOW_HEADERS_HEADER, ALLOW_METHODS_HEADER, ALLOW_ORIGIN_HEADER, EXPOSE_HEADERS_HEADER, MAX_AGE_HEADER, OPTIONS_METHOD, ORIGIN_HEADER, ORIGIN_WILDCARD, REQUEST_HEADERS_HEADER, VARY_HEADER
-
-
Constructor Summary
Constructors Constructor Description CorsHandlerHelperImpl(java.lang.String allowedOrigins, boolean allowCredentials, java.lang.String allowMethods, java.lang.String allowedHeaders, java.lang.String exposeHeaders, java.lang.String maxAge)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
configureAllowedHeaders(HttpServletResponse response, HttpServletRequest request)
Conditionally the Access-Control-Request-Headers HTTP header.void
configureCredentials(HttpServletResponse response)
Conditionally sets the Access-Control-Allow-Credentials HTTP header.void
configureExposeHeaders(HttpServletResponse response)
Conditionally sets the Access-Control-Expose-Headers HTTP header.void
configureMaxAge(HttpServletResponse response)
Conditionally sets the Access-Control-Max-Age HTTP header.void
configureMethods(HttpServletResponse response)
Conditionally sets the Access-Control-Allow-Methods HTTP header in responses to preflight CORS requests.void
configureOrigin(HttpServletResponse response, java.lang.String value)
Sets the Access-Control-Allow-Origin HTTP header with a given value.java.util.Optional<java.lang.String>
getAllowedOrigin(HttpServletRequest request)
Returns the origin of this requests, if it's allowed.java.util.Optional<java.lang.String>
getOrigin(HttpServletRequest request)
Returns the value of the Origin HTTP header.java.lang.String
getPath(HttpServletRequest request)
Returns the requested URL path, using the same logic asRequest.getPath()
.boolean
isPreflight(HttpServletRequest request)
Tells whether this request is a CORS preflight one (i.e.-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.apache.tapestry5.http.services.CorsHandlerHelper
addValueToVaryHeader
-
-
-
-
Constructor Detail
-
CorsHandlerHelperImpl
public CorsHandlerHelperImpl(@Symbol("tapestry.cors-allowed-origins") java.lang.String allowedOrigins, @Symbol("tapestry.cors-allow-credentials") boolean allowCredentials, @Symbol("tapestry.cors-allow-methods") java.lang.String allowMethods, @Symbol("tapestry.cors-allowed-headers") java.lang.String allowedHeaders, @Symbol("tapestry.cors-expose-headers") java.lang.String exposeHeaders, @Symbol("tapestry.cors-max-age") java.lang.String maxAge)
-
-
Method Detail
-
getPath
public java.lang.String getPath(HttpServletRequest request)
Description copied from interface:CorsHandlerHelper
Returns the requested URL path, using the same logic asRequest.getPath()
.- Specified by:
getPath
in interfaceCorsHandlerHelper
- Parameters:
request
- anHttpServletRequest
.- Returns:
- a
String
with the path.
-
getAllowedOrigin
public java.util.Optional<java.lang.String> getAllowedOrigin(HttpServletRequest request)
Description copied from interface:CorsHandlerHelper
Returns the origin of this requests, if it's allowed.- Specified by:
getAllowedOrigin
in interfaceCorsHandlerHelper
- Parameters:
request
- anHttpServletRequest
.- Returns:
- an
Optional
wrapping the allowed origin. - See Also:
TapestryHttpSymbolConstants.CORS_ALLOWED_ORIGINS
-
getOrigin
public java.util.Optional<java.lang.String> getOrigin(HttpServletRequest request)
Description copied from interface:CorsHandlerHelper
Returns the value of the Origin HTTP header.- Specified by:
getOrigin
in interfaceCorsHandlerHelper
- Parameters:
request
- anHttpServletRequest
.- Returns:
- an
Optional
wrapping the Origin HTTP header value.
-
isPreflight
public boolean isPreflight(HttpServletRequest request)
Description copied from interface:CorsHandlerHelper
Tells whether this request is a CORS preflight one (i.e. HTTP method OPTION and non-empty Origin HTTP header).- Specified by:
isPreflight
in interfaceCorsHandlerHelper
- Parameters:
request
- anHttpServletRequest
.- Returns:
true
if it's a preflight request,false
otherwise.
-
configureOrigin
public void configureOrigin(HttpServletResponse response, java.lang.String value)
Description copied from interface:CorsHandlerHelper
Sets the Access-Control-Allow-Origin HTTP header with a given value.- Specified by:
configureOrigin
in interfaceCorsHandlerHelper
- Parameters:
response
- anHttpServletResponse
instance.value
- a String.- See Also:
CorsHandlerHelper.ALLOW_ORIGIN_HEADER
-
configureCredentials
public void configureCredentials(HttpServletResponse response)
Description copied from interface:CorsHandlerHelper
Conditionally sets the Access-Control-Allow-Credentials HTTP header. Out-of-the-box, this is done based on theTapestryHttpSymbolConstants.CORS_ALLOW_CREDENTIALS
symbol.- Specified by:
configureCredentials
in interfaceCorsHandlerHelper
- Parameters:
response
- anHttpServletResponse
.- See Also:
TapestryHttpSymbolConstants.CORS_ALLOW_CREDENTIALS
-
configureMethods
public void configureMethods(HttpServletResponse response)
Description copied from interface:CorsHandlerHelper
Conditionally sets the Access-Control-Allow-Methods HTTP header in responses to preflight CORS requests. Out-of-the-box, the value comes fromTapestryHttpSymbolConstants.CORS_ALLOW_CREDENTIALS
symbol and the header is only set if the value isn't empty.- Specified by:
configureMethods
in interfaceCorsHandlerHelper
- Parameters:
response
- anHttpServletResponse
.- See Also:
TapestryHttpSymbolConstants.CORS_ALLOW_CREDENTIALS
-
configureAllowedHeaders
public void configureAllowedHeaders(HttpServletResponse response, HttpServletRequest request)
Description copied from interface:CorsHandlerHelper
Conditionally the Access-Control-Request-Headers HTTP header. Out-of-the-box, the value comes fromTapestryHttpSymbolConstants.CORS_ALLOWED_HEADERS
symbol if not empty. Otherwise, it comes from the value of the same HTTP header from the request, also if not empty. Otherwise, the header isn't set.- Specified by:
configureAllowedHeaders
in interfaceCorsHandlerHelper
- Parameters:
response
- anHttpServletResponse
.request
- anHttpServletRequest
.- See Also:
TapestryHttpSymbolConstants.CORS_ALLOWED_HEADERS
-
configureExposeHeaders
public void configureExposeHeaders(HttpServletResponse response)
Description copied from interface:CorsHandlerHelper
Conditionally sets the Access-Control-Expose-Headers HTTP header. Out-of-the-box, the value comes fromTapestryHttpSymbolConstants.CORS_EXPOSE_HEADERS
symbol, if not empty. Otherwise, the header isn't set.- Specified by:
configureExposeHeaders
in interfaceCorsHandlerHelper
- Parameters:
response
- anHttpServletResponse
.- See Also:
TapestryHttpSymbolConstants.CORS_EXPOSE_HEADERS
-
configureMaxAge
public void configureMaxAge(HttpServletResponse response)
Description copied from interface:CorsHandlerHelper
Conditionally sets the Access-Control-Max-Age HTTP header. Out-of-the-box, the value comes fromTapestryHttpSymbolConstants.CORS_MAX_AGE
symbol, if not empty. Otherwise, the header isn't set.- Specified by:
configureMaxAge
in interfaceCorsHandlerHelper
- Parameters:
response
- anHttpServletResponse
.- See Also:
TapestryHttpSymbolConstants.CORS_MAX_AGE
-
-