org.restlet.service

Class CorsService

java.lang.Object

org.restlet.service.Service

org.restlet.service.CorsService

public class CorsService
extends Service

Application service that adds support of CORS. This service lets the target resource specifies the allowed methods. Example:

 CorsService corsService = new CorsService();
 corsService.setAllowedOrigins(new HashSet(Arrays.asList("http://server.com")));
 corsService.setAllowedCredentials(true);
 

Author:

Manuel Boillod

Field Summary

Fields

Modifier and Type	Field and Description
boolean	allowAllRequestedHeaders If true, copies the value of 'Access-Control-Request-Headers' request header into the 'Access-Control-Allow-Headers' response header.
boolean	allowedCredentials If true, add 'Access-Control-Allow-Credentials' header.
java.util.Set<java.lang.String>	allowedHeaders The value of 'Access-Control-Allow-Headers' response header.
java.util.Set<java.lang.String>	allowedOrigins The value of 'Access-Control-Allow-Origin' header.
java.util.Set<java.lang.String>	exposedHeaders The value of 'Access-Control-Expose-Headers' response header.

Constructor Summary

Constructors

Constructor and Description
CorsService() Constructor.
CorsService(boolean enabled) Constructor.

Method Summary

Methods

Modifier and Type	Method and Description
Filter	createInboundFilter(Context context) Create the filter that should be invoked for incoming calls.
java.util.Set<java.lang.String>	getAllowedHeaders() Returns the modifiable set of headers allowed by the actual request on the current resource. Note that when used with HTTP connectors, this property maps to the "Access-Control-Allow-Headers" header.
java.util.Set<java.lang.String>	getAllowedOrigins() Returns the URI an origin server allows for the requested resource.
java.util.Set<java.lang.String>	getExposedHeaders() Returns a modifiable whitelist of headers an origin server allows for the requested resource. Note that when used with HTTP connectors, this property maps to the "Access-Control-Expose-Headers" header.
boolean	isAllowAllRequestedHeaders() If true, indicates that the value of 'Access-Control-Request-Headers' request header will be copied into the 'Access-Control-Allow-Headers' response header.
boolean	isAllowedCredentials() If true, adds 'Access-Control-Allow-Credentials' header.
void	setAllowAllRequestedHeaders(boolean allowAllRequestedHeaders) If true, copies the value of 'Access-Control-Request-Headers' request header into the 'Access-Control-Allow-Headers' response header.
void	setAllowedCredentials(boolean allowedCredentials) If true, adds 'Access-Control-Allow-Credentials' header.
void	setAllowedHeaders(java.util.Set<java.lang.String> allowedHeaders) Sets the value of the 'Access-Control-Allow-Headers' response header.
void	setAllowedOrigins(java.util.Set<java.lang.String> allowedOrigins) Sets the value of 'Access-Control-Allow-Origin' header.
void	setExposedHeaders(java.util.Set<java.lang.String> exposedHeaders) Sets the value of 'Access-Control-Expose-Headers' response header.

Methods inherited from class org.restlet.service.Service

createOutboundFilter, getContext, isEnabled, isStarted, isStopped, setContext, setEnabled, start, stop

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

allowAllRequestedHeaders

public boolean allowAllRequestedHeaders

If true, copies the value of 'Access-Control-Request-Headers' request header into the 'Access-Control-Allow-Headers' response header. If false, use allowedHeaders. Default is true.

allowedCredentials

public boolean allowedCredentials

If true, add 'Access-Control-Allow-Credentials' header. Default is false.

allowedHeaders

public java.util.Set<java.lang.String> allowedHeaders

The value of 'Access-Control-Allow-Headers' response header. Used only if allowAllRequestedHeaders is false.

allowedOrigins

public java.util.Set<java.lang.String> allowedOrigins

The value of 'Access-Control-Allow-Origin' header. Default is '*'.

exposedHeaders

public java.util.Set<java.lang.String> exposedHeaders

The value of 'Access-Control-Expose-Headers' response header.

Constructor Detail

CorsService

public CorsService()

Constructor.

CorsService

public CorsService(boolean enabled)

Constructor.

Parameters:

enabled - True if the service has been enabled.

Method Detail

createInboundFilter

public Filter createInboundFilter(Context context)

Description copied from class: Service

Create the filter that should be invoked for incoming calls.

Overrides:

createInboundFilter in class Service

Parameters:

context - The current context.

Returns:

The new filter or null.

getAllowedHeaders

public java.util.Set<java.lang.String> getAllowedHeaders()

Returns the modifiable set of headers allowed by the actual request on the current resource.
Note that when used with HTTP connectors, this property maps to the "Access-Control-Allow-Headers" header.

Returns:

The set of headers allowed by the actual request on the current resource.

getAllowedOrigins

public java.util.Set<java.lang.String> getAllowedOrigins()

Returns the URI an origin server allows for the requested resource. Use "*" as a wildcard character.
Note that when used with HTTP connectors, this property maps to the "Access-Control-Allow-Origin" header.

Returns:

The origin allowed by the requested resource.

getExposedHeaders

public java.util.Set<java.lang.String> getExposedHeaders()

Returns a modifiable whitelist of headers an origin server allows for the requested resource.
Note that when used with HTTP connectors, this property maps to the "Access-Control-Expose-Headers" header.

Returns:

The set of headers an origin server allows for the requested resource.

isAllowAllRequestedHeaders

public boolean isAllowAllRequestedHeaders()

If true, indicates that the value of 'Access-Control-Request-Headers' request header will be copied into the 'Access-Control-Allow-Headers' response header. If false, use allowedHeaders.

isAllowedCredentials

public boolean isAllowedCredentials()

If true, adds 'Access-Control-Allow-Credentials' header.

Returns:

True, if the 'Access-Control-Allow-Credentials' header will be added.

setAllowAllRequestedHeaders

public void setAllowAllRequestedHeaders(boolean allowAllRequestedHeaders)

If true, copies the value of 'Access-Control-Request-Headers' request header into the 'Access-Control-Allow-Headers' response header. If false, use allowedHeaders.

Parameters:

allowAllRequestedHeaders - True to copy the value of 'Access-Control-Request-Headers' request header into the 'Access-Control-Allow-Headers' response header. If false, use allowedHeaders.

setAllowedCredentials

public void setAllowedCredentials(boolean allowedCredentials)

If true, adds 'Access-Control-Allow-Credentials' header.

Parameters:

allowedCredentials - True to add the 'Access-Control-Allow-Credentials' header.

setAllowedHeaders

public void setAllowedHeaders(java.util.Set<java.lang.String> allowedHeaders)

Sets the value of the 'Access-Control-Allow-Headers' response header. Used only if allowAllRequestedHeaders is false.

Parameters:

allowedHeaders - The value of 'Access-Control-Allow-Headers' response header.

setAllowedOrigins

public void setAllowedOrigins(java.util.Set<java.lang.String> allowedOrigins)

Sets the value of 'Access-Control-Allow-Origin' header.

Parameters:

allowedOrigins - The value of 'Access-Control-Allow-Origin' header.

setExposedHeaders

public void setExposedHeaders(java.util.Set<java.lang.String> exposedHeaders)

Sets the value of 'Access-Control-Expose-Headers' response header.

Parameters:

exposedHeaders - The value of 'Access-Control-Expose-Headers' response header.