Example usage for io.vertx.core.http HttpHeaders ACCESS_CONTROL_REQUEST_HEADERS

List of usage examples for io.vertx.core.http HttpHeaders ACCESS_CONTROL_REQUEST_HEADERS

  1. HOME
  2. Java
  3. io.vertx
  4. io.vertx.core.http.*
  5. HttpHeaders
  6. ACCESS_CONTROL_REQUEST_HEADERS

Introduction

In this page you can find the example usage for io.vertx.core.http HttpHeaders ACCESS_CONTROL_REQUEST_HEADERS.

Prototype

CharSequence ACCESS_CONTROL_REQUEST_HEADERS

To view the source code for io.vertx.core.http HttpHeaders ACCESS_CONTROL_REQUEST_HEADERS.

Click Source Link

Document

Access-Control-Request-Headers header name

Usage

From source file:org.eclipse.hono.adapter.http.HonoAuthHandlerImpl.java

License:Open Source License

private boolean handlePreflight(RoutingContext ctx) {
    final HttpServerRequest request = ctx.request();
    // See: https://www.w3.org/TR/cors/#cross-origin-request-with-preflight-0
    // Preflight requests should not be subject to security due to the reason UAs will remove the Authorization header
    if (request.method() == HttpMethod.OPTIONS) {
        // check if there is a access control request header
        final String accessControlRequestHeader = ctx.request()
                .getHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS);
        if (accessControlRequestHeader != null) {
            // lookup for the Authorization header
            for (String ctrlReq : accessControlRequestHeader.split(",")) {
                if (ctrlReq.equalsIgnoreCase("Authorization")) {
                    // this request has auth in access control, so we can allow preflighs without authentication
                    ctx.next();/*from  ww  w  . jav  a  2s.c o  m*/
                    return true;
                }
            }
        }
    }

    return false;
}

From source file:org.eclipse.hono.service.auth.device.HonoAuthHandler.java

License:Open Source License

private boolean handlePreflight(final RoutingContext ctx) {
    final HttpServerRequest request = ctx.request();
    // See: https://www.w3.org/TR/cors/#cross-origin-request-with-preflight-0
    // Preflight requests should not be subject to security due to the reason UAs will remove the Authorization header
    if (request.method() == HttpMethod.OPTIONS) {
        // check if there is a access control request header
        final String accessControlRequestHeader = ctx.request()
                .getHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS);
        if (accessControlRequestHeader != null) {
            // lookup for the Authorization header
            for (final String ctrlReq : accessControlRequestHeader.split(",")) {
                if (ctrlReq.equalsIgnoreCase("Authorization")) {
                    // this request has auth in access control, so we can allow preflighs without authentication
                    ctx.next();//from  w w w  .j  av a  2 s .  co m
                    return true;
                }
            }
        }
    }

    return false;
}