List of usage examples for org.springframework.web.cors CorsConfiguration addAllowedHeader
public void addAllowedHeader(String allowedHeader)
From source file:org.jimsey.projects.turbine.condenser.security.SecuritySetup.java
/** * https://spring.io/guides/tutorials/spring-security-and-angular-js/ * /*from w w w .j av a2 s. co m*/ * "The browser tries to negotiate with our resource server to find out * if it is allowed to access it according to the Cross Origin Resource * Sharing protocol. Its not an Angular JS responsibility, so just like * the cookie contract it will work like this with all JavaScript in the * browser. The two servers do not declare that they have a common * origin, so the browser declines to send the request and the UI is broken. * * To fix that we need to support the CORS protocol which involves a * "pre-flight" OPTIONS request and some headers to list the allowed * behaviour of the caller." * * NOTE: With Spring Security, automatic registration is still expected * by spring Boot when annotated with @Bean but it DOES NOT WORK * Instead, this filter is registered in the configure() method above * http://stackoverflow.com/questions/31724994/spring-data-rest-and-cors */ public static CorsFilter newCorsFilter() { UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); CorsConfiguration config = new CorsConfiguration(); config.setAllowCredentials(true); // you USUALLY want this config.addAllowedOrigin("*"); config.addAllowedHeader("*"); config.addAllowedMethod("HEAD"); config.addAllowedMethod("GET"); config.addAllowedMethod("POST"); config.addAllowedMethod("OPTIONS"); config.addAllowedMethod("DELETE"); config.addAllowedMethod("PUT"); source.registerCorsConfiguration("/**", config); return new CorsFilter(source); }
From source file:ca.uhn.fhir.rest.server.interceptor.CorsInterceptor.java
private static CorsConfiguration createDefaultCorsConfig() { CorsConfiguration retVal = new CorsConfiguration(); // ********************************************************* // Update constructor documentation if you change these: // ********************************************************* retVal.addAllowedHeader("Origin"); retVal.addAllowedHeader("Accept"); retVal.addAllowedHeader("X-Requested-With"); retVal.addAllowedHeader("Content-Type"); retVal.addAllowedHeader("Access-Control-Request-Method"); retVal.addAllowedHeader("Access-Control-Request-Headers"); retVal.addAllowedOrigin("*"); retVal.addExposedHeader("Location"); retVal.addExposedHeader("Content-Location"); return retVal; }
From source file:com.expedia.seiso.Seiso.java
@Bean public CorsFilter corsFilter() { CorsConfiguration config = new CorsConfiguration(); config.addAllowedOrigin("*"); config.addAllowedHeader("*"); config.addAllowedMethod("GET"); config.addAllowedMethod("POST"); config.addAllowedMethod("PUT"); config.addAllowedMethod("PATCH"); config.addAllowedMethod("DELETE"); UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); source.registerCorsConfiguration("/**", config); return new CorsFilter(source); }
From source file:pl.szcze.userserviceproject.RestConfiguration.java
@Bean public FilterRegistrationBean corsFilter() { UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); CorsConfiguration config = new CorsConfiguration(); config.setAllowCredentials(true);//from w ww . j a v a 2s . c o m config.addAllowedOrigin("*"); config.addAllowedHeader("x-requested-with"); config.addAllowedHeader("x-auth-token"); config.addAllowedMethod("OPTIONS"); config.addAllowedMethod("HEAD"); config.addAllowedMethod("GET"); config.addAllowedMethod("PUT"); config.addAllowedMethod("POST"); config.addAllowedMethod("DELETE"); config.addAllowedMethod("PATCH"); config.setMaxAge(3600l); source.registerCorsConfiguration("/**", config); // return new CorsFilter(source); final FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source)); bean.setOrder(0); return bean; }
From source file:com.orange.clara.pivotaltrackermirror.config.AppConfig.java
@Bean public CorsFilter corsFilter() { UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); CorsConfiguration config = new CorsConfiguration(); config.setAllowCredentials(true);/* ww w.j av a 2s .c om*/ config.addAllowedOrigin("*"); config.addAllowedHeader("*"); config.addAllowedMethod("*"); source.registerCorsConfiguration("/**", config); return new CorsFilter(source); }
From source file:io.github.proxyprint.kitchen.WebAppConfig.java
@Bean public CorsFilter corsFilter() { UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); CorsConfiguration config = new CorsConfiguration(); config.setAllowCredentials(true); // you USUALLY want this config.addAllowedOrigin("*"); config.addAllowedHeader("*"); config.addAllowedMethod("GET"); config.addAllowedMethod("POST"); config.addAllowedMethod("DELETE"); config.addAllowedMethod("PUT"); source.registerCorsConfiguration("/**", config); return new CorsFilter(source); }
From source file:com.meals.on.wheels.MealsOnWheelsApplication.java
@Bean public CorsFilter corsFilter() { UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); CorsConfiguration config = new CorsConfiguration(); config.setAllowCredentials(true); // you USUALLY want this config.addAllowedOrigin("*"); config.addAllowedHeader("*"); config.addAllowedMethod("GET"); config.addAllowedMethod("POST"); source.registerCorsConfiguration("/**", config); return new CorsFilter(source); }
From source file:com.todo.backend.config.WebConfiguration.java
@Bean @Profile("dev")/*from w w w . j a v a 2s. c o m*/ public CorsFilter corsFilter() { log.info("Initializing CORS filter..."); final CorsConfiguration config = new CorsConfiguration(); config.setAllowCredentials(true); config.addAllowedOrigin("*"); config.addAllowedHeader("*"); config.addAllowedMethod("GET"); config.addAllowedMethod("PUT"); config.addAllowedMethod("POST"); config.addAllowedMethod("DELETE"); config.addAllowedMethod("OPTIONS"); config.setMaxAge(1800L); final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); source.registerCorsConfiguration("/api/**", config); source.registerCorsConfiguration("/v2/api-docs/**", config); return new CorsFilter(source); }
From source file:org.moserp.RestConfiguration.java
@Bean public CorsFilter corsFilter() { UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); CorsConfiguration config = new CorsConfiguration(); config.setAllowCredentials(true); // you USUALLY want this config.addAllowedOrigin("*"); config.addAllowedHeader("*"); config.addAllowedMethod("*"); source.registerCorsConfiguration("/**", config); return new CorsFilter(source); }
From source file:me.jcala.xmarket.server.conf.RestConfig.java
/** * // w w w .j a v a 2s . c o m */ @Bean public CorsFilter corsFilter() { UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); CorsConfiguration configuration = new CorsConfiguration(); configuration.setAllowCredentials(true); configuration.addAllowedOrigin("*"); configuration.addAllowedHeader("*"); configuration.setAllowedMethods(Arrays.asList("GET", "PUT", "POST", "DELETE")); source.registerCorsConfiguration("/**", configuration); return new CorsFilter(source); }