/** * Add a set of exposed headers * @param headerNames the exposed header names * @return a reference to this, so the API can be used fluently */ public io.vertx.rxjava.ext.web.handler.CorsHandler exposedHeaders(Set<String> headerNames) { delegate.exposedHeaders(headerNames); return this; }
/** * Add a set of exposed headers * @param headerNames the exposed header names * @return a reference to this, so the API can be used fluently */ public io.vertx.rxjava.ext.web.handler.CorsHandler exposedHeaders(Set<String> headerNames) { delegate.exposedHeaders(headerNames); return this; }
@Test public void testPreflightNoExposeHeaders() throws Exception { Set<HttpMethod> allowedMethods = new LinkedHashSet<>(Arrays.asList(HttpMethod.PUT, HttpMethod.DELETE)); Set<String> exposeHeaders = new LinkedHashSet<>(Arrays.asList("X-floob", "X-blurp")); router.route().handler(CorsHandler.create("vertx\\.io").allowedMethods(allowedMethods).exposedHeaders(exposeHeaders)); router.route().handler(context -> context.response().end()); testRequest(HttpMethod.OPTIONS, "/", req -> { req.headers().add("origin", "vertx.io"); req.headers().add("access-control-request-method", "PUT,DELETE"); }, resp -> { // Note expose headers header is never provided in response of pre-flight request checkHeaders(resp, "vertx.io", "PUT,DELETE", null, null); }, 200, "OK", null); }
/** * Support CORS */ void mountCorsHandler(Router mainRouter) { if (!TransportConfig.isCorsEnabled()) { return; } CorsHandler corsHandler = getCorsHandler(TransportConfig.getCorsAllowedOrigin()); // Access-Control-Allow-Credentials corsHandler.allowCredentials(TransportConfig.isCorsAllowCredentials()); // Access-Control-Allow-Headers corsHandler.allowedHeaders(TransportConfig.getCorsAllowedHeaders()); // Access-Control-Allow-Methods Set<String> allowedMethods = TransportConfig.getCorsAllowedMethods(); for (String method : allowedMethods) { corsHandler.allowedMethod(HttpMethod.valueOf(method)); } // Access-Control-Expose-Headers corsHandler.exposedHeaders(TransportConfig.getCorsExposedHeaders()); // Access-Control-Max-Age int maxAge = TransportConfig.getCorsMaxAge(); if (maxAge >= 0) { corsHandler.maxAgeSeconds(maxAge); } LOGGER.info("mount CorsHandler"); mainRouter.route().handler(corsHandler); }
@Test public void testChaining() throws Exception { CorsHandler cors = CorsHandler.create("*"); assertNotNull(cors); assertSame(cors, cors.allowedMethod(HttpMethod.POST)); assertSame(cors, cors.allowedMethod(HttpMethod.DELETE)); assertSame(cors, cors.allowedMethods(new HashSet<>())); assertSame(cors, cors.allowedHeader("X-foo")); assertSame(cors, cors.allowedHeader("X-bar")); assertSame(cors, cors.allowedHeaders(new HashSet<>())); assertSame(cors, cors.exposedHeader("X-wibble")); assertSame(cors, cors.exposedHeader("X-blah")); assertSame(cors, cors.exposedHeaders(new HashSet<>())); }
@Test public void testPreflightNoExposeHeaders() throws Exception { Set<HttpMethod> allowedMethods = new LinkedHashSet<>(Arrays.asList(HttpMethod.PUT, HttpMethod.DELETE)); Set<String> exposeHeaders = new LinkedHashSet<>(Arrays.asList("X-floob", "X-blurp")); router.route().handler(CorsHandler.create("vertx\\.io").allowedMethods(allowedMethods).exposedHeaders(exposeHeaders)); router.route().handler(context -> context.response().end()); testRequest(HttpMethod.OPTIONS, "/", req -> { req.headers().add("origin", "vertx.io"); req.headers().add("access-control-request-method", "PUT,DELETE"); }, resp -> { // Note expose headers header is never provided in response of pre-flight request checkHeaders(resp, "vertx.io", "PUT,DELETE", null, null); }, 200, "OK", null); }
/** * Support CORS */ void mountCorsHandler(Router mainRouter) { if (!TransportConfig.isCorsEnabled()) { return; } CorsHandler corsHandler = getCorsHandler(TransportConfig.getCorsAllowedOrigin()); // Access-Control-Allow-Credentials corsHandler.allowCredentials(TransportConfig.isCorsAllowCredentials()); // Access-Control-Allow-Headers corsHandler.allowedHeaders(TransportConfig.getCorsAllowedHeaders()); // Access-Control-Allow-Methods Set<String> allowedMethods = TransportConfig.getCorsAllowedMethods(); for (String method : allowedMethods) { corsHandler.allowedMethod(HttpMethod.valueOf(method)); } // Access-Control-Expose-Headers corsHandler.exposedHeaders(TransportConfig.getCorsExposedHeaders()); // Access-Control-Max-Age int maxAge = TransportConfig.getCorsMaxAge(); if (maxAge >= 0) { corsHandler.maxAgeSeconds(maxAge); } LOGGER.info("mount CorsHandler"); mainRouter.route().handler(corsHandler); }
corsHandler.exposedHeader((String)exposeHeaders); } else if (exposeHeaders instanceof JsonArray) { corsHandler.exposedHeaders(Seq.seq((JsonArray)exposeHeaders) .cast(String.class).toSet()); } else if (exposeHeaders != null) {
@Test public void testChaining() throws Exception { CorsHandler cors = CorsHandler.create("*"); assertNotNull(cors); assertSame(cors, cors.allowedMethod(HttpMethod.POST)); assertSame(cors, cors.allowedMethod(HttpMethod.DELETE)); assertSame(cors, cors.allowedMethods(new HashSet<>())); assertSame(cors, cors.allowedHeader("X-foo")); assertSame(cors, cors.allowedHeader("X-bar")); assertSame(cors, cors.allowedHeaders(new HashSet<>())); assertSame(cors, cors.exposedHeader("X-wibble")); assertSame(cors, cors.exposedHeader("X-blah")); assertSame(cors, cors.exposedHeaders(new HashSet<>())); }