List of usage examples for io.vertx.core.http HttpHeaders ACCESS_CONTROL_REQUEST_HEADERS
CharSequence ACCESS_CONTROL_REQUEST_HEADERS
To view the source code for io.vertx.core.http HttpHeaders ACCESS_CONTROL_REQUEST_HEADERS.
Click Source Link
From source file:org.eclipse.hono.adapter.http.HonoAuthHandlerImpl.java
License:Open Source License
private boolean handlePreflight(RoutingContext ctx) { final HttpServerRequest request = ctx.request(); // See: https://www.w3.org/TR/cors/#cross-origin-request-with-preflight-0 // Preflight requests should not be subject to security due to the reason UAs will remove the Authorization header if (request.method() == HttpMethod.OPTIONS) { // check if there is a access control request header final String accessControlRequestHeader = ctx.request() .getHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS); if (accessControlRequestHeader != null) { // lookup for the Authorization header for (String ctrlReq : accessControlRequestHeader.split(",")) { if (ctrlReq.equalsIgnoreCase("Authorization")) { // this request has auth in access control, so we can allow preflighs without authentication ctx.next();/*from ww w . jav a 2s.c o m*/ return true; } } } } return false; }
From source file:org.eclipse.hono.service.auth.device.HonoAuthHandler.java
License:Open Source License
private boolean handlePreflight(final RoutingContext ctx) { final HttpServerRequest request = ctx.request(); // See: https://www.w3.org/TR/cors/#cross-origin-request-with-preflight-0 // Preflight requests should not be subject to security due to the reason UAs will remove the Authorization header if (request.method() == HttpMethod.OPTIONS) { // check if there is a access control request header final String accessControlRequestHeader = ctx.request() .getHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS); if (accessControlRequestHeader != null) { // lookup for the Authorization header for (final String ctrlReq : accessControlRequestHeader.split(",")) { if (ctrlReq.equalsIgnoreCase("Authorization")) { // this request has auth in access control, so we can allow preflighs without authentication ctx.next();//from w w w .j av a 2 s . co m return true; } } } } return false; }