private static CorsMetadata extractCorsMetadata(final HttpRequest request) { final String origin = request.headers().get(ORIGIN); final String headers = request.headers().get(ACCESS_CONTROL_REQUEST_HEADERS); return new CorsMetadata(origin, headers); }
@Override public void write(final ChannelHandlerContext ctx, final Object msg, final ChannelPromise promise) throws Exception { if (msg instanceof HttpResponse) { final HttpResponse response = (HttpResponse) msg; final CorsMetadata cmd = ctx.channel().attr(CorsInboundHandler.CORS).get(); if (cmd != null) { response.headers().set(HttpHeaders.Names.ACCESS_CONTROL_ALLOW_ORIGIN, cmd.origin()); if (cmd.hasHeaders()) { response.headers().set(HttpHeaders.Names.ACCESS_CONTROL_ALLOW_HEADERS, cmd.headers()); } response.headers().set(HttpHeaders.Names.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true"); } } ctx.writeAndFlush(msg, promise); }
private static void handlePreflight(final ChannelHandlerContext ctx, final CorsMetadata md, final HttpRequest request) { final HttpResponse response = new DefaultHttpResponse(request.getProtocolVersion(), NO_CONTENT); final HttpHeaders headers = response.headers(); headers.set(CONTENT_TYPE, Transports.CONTENT_TYPE_PLAIN); headers.set(CACHE_CONTROL, "max-age=31536000, public"); headers.set(ACCESS_CONTROL_ALLOW_ORIGIN, md.origin()); headers.set(ACCESS_CONTROL_ALLOW_CREDENTIALS, "true"); headers.set(ACCESS_CONTROL_MAX_AGE, "31536000"); if (isPollingTransport(request.getUri())) { headers.set(ACCESS_CONTROL_ALLOW_METHODS, "OPTIONS, POST"); } else { headers.set(ACCESS_CONTROL_ALLOW_METHODS, "OPTIONS, GET"); } headers.set(ACCESS_CONTROL_ALLOW_HEADERS, "Content-Type"); headers.set(ACCESS_CONTROL_ALLOW_CREDENTIALS, "true"); headers.set(EXPIRES, "dummy"); headers.set(SET_COOKIE, Transports.DEFAULT_COOKIE); ctx.writeAndFlush(response); }
private static void handlePreflight(final ChannelHandlerContext ctx, final CorsMetadata md, final HttpRequest request) { final HttpResponse response = new DefaultHttpResponse(request.getProtocolVersion(), NO_CONTENT); final HttpHeaders headers = response.headers(); headers.set(CONTENT_TYPE, Transports.CONTENT_TYPE_PLAIN); headers.set(CACHE_CONTROL, "max-age=31536000, public"); headers.set(ACCESS_CONTROL_ALLOW_ORIGIN, md.origin()); headers.set(ACCESS_CONTROL_ALLOW_CREDENTIALS, "true"); headers.set(ACCESS_CONTROL_MAX_AGE, "31536000"); if (isPollingTransport(request.getUri())) { headers.set(ACCESS_CONTROL_ALLOW_METHODS, "OPTIONS, POST"); } else { headers.set(ACCESS_CONTROL_ALLOW_METHODS, "OPTIONS, GET"); } headers.set(ACCESS_CONTROL_ALLOW_HEADERS, "Content-Type"); headers.set(ACCESS_CONTROL_ALLOW_CREDENTIALS, "true"); headers.set(EXPIRES, "dummy"); headers.set(SET_COOKIE, Transports.DEFAULT_COOKIE); ctx.writeAndFlush(response); }
@Override public void write(final ChannelHandlerContext ctx, final Object msg, final ChannelPromise promise) throws Exception { if (msg instanceof HttpResponse) { final HttpResponse response = (HttpResponse) msg; final CorsMetadata cmd = ctx.channel().attr(CorsInboundHandler.CORS).get(); if (cmd != null) { response.headers().set(HttpHeaders.Names.ACCESS_CONTROL_ALLOW_ORIGIN, cmd.origin()); if (cmd.hasHeaders()) { response.headers().set(HttpHeaders.Names.ACCESS_CONTROL_ALLOW_HEADERS, cmd.headers()); } response.headers().set(HttpHeaders.Names.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true"); } } ctx.writeAndFlush(msg, promise); }
private static CorsMetadata extractCorsMetadata(final HttpRequest request) { final String origin = request.headers().get(ORIGIN); final String headers = request.headers().get(ACCESS_CONTROL_REQUEST_HEADERS); return new CorsMetadata(origin, headers); }