List of usage examples for org.springframework.web.cors CorsConfiguration addAllowedOrigin
public void addAllowedOrigin(String origin)
From source file:org.jimsey.projects.turbine.condenser.security.SecuritySetup.java
/** * https://spring.io/guides/tutorials/spring-security-and-angular-js/ * /*from w w w . j a va 2s.c o m*/ * "The browser tries to negotiate with our resource server to find out * if it is allowed to access it according to the Cross Origin Resource * Sharing protocol. Its not an Angular JS responsibility, so just like * the cookie contract it will work like this with all JavaScript in the * browser. The two servers do not declare that they have a common * origin, so the browser declines to send the request and the UI is broken. * * To fix that we need to support the CORS protocol which involves a * "pre-flight" OPTIONS request and some headers to list the allowed * behaviour of the caller." * * NOTE: With Spring Security, automatic registration is still expected * by spring Boot when annotated with @Bean but it DOES NOT WORK * Instead, this filter is registered in the configure() method above * http://stackoverflow.com/questions/31724994/spring-data-rest-and-cors */ public static CorsFilter newCorsFilter() { UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); CorsConfiguration config = new CorsConfiguration(); config.setAllowCredentials(true); // you USUALLY want this config.addAllowedOrigin("*"); config.addAllowedHeader("*"); config.addAllowedMethod("HEAD"); config.addAllowedMethod("GET"); config.addAllowedMethod("POST"); config.addAllowedMethod("OPTIONS"); config.addAllowedMethod("DELETE"); config.addAllowedMethod("PUT"); source.registerCorsConfiguration("/**", config); return new CorsFilter(source); }
From source file:ca.uhn.fhir.rest.server.interceptor.CorsInterceptor.java
private static CorsConfiguration createDefaultCorsConfig() { CorsConfiguration retVal = new CorsConfiguration(); // ********************************************************* // Update constructor documentation if you change these: // ********************************************************* retVal.addAllowedHeader("Origin"); retVal.addAllowedHeader("Accept"); retVal.addAllowedHeader("X-Requested-With"); retVal.addAllowedHeader("Content-Type"); retVal.addAllowedHeader("Access-Control-Request-Method"); retVal.addAllowedHeader("Access-Control-Request-Headers"); retVal.addAllowedOrigin("*"); retVal.addExposedHeader("Location"); retVal.addExposedHeader("Content-Location"); return retVal; }
From source file:com.expedia.seiso.Seiso.java
@Bean public CorsFilter corsFilter() { CorsConfiguration config = new CorsConfiguration(); config.addAllowedOrigin("*"); config.addAllowedHeader("*"); config.addAllowedMethod("GET"); config.addAllowedMethod("POST"); config.addAllowedMethod("PUT"); config.addAllowedMethod("PATCH"); config.addAllowedMethod("DELETE"); UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); source.registerCorsConfiguration("/**", config); return new CorsFilter(source); }
From source file:org.ameba.http.PermitAllCorsConfigurationSource.java
/** * {@inheritDoc}//w w w .j ava 2s.c om * * Returns a pre-configured configuration that allows everything from everywhere. */ @Override public CorsConfiguration getCorsConfiguration(HttpServletRequest request) { CorsConfiguration corsConfiguration = new CorsConfiguration(); corsConfiguration.addAllowedOrigin("*"); corsConfiguration.setAllowedMethods(asList("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS")); corsConfiguration.setAllowedHeaders(asList("Content-Type", "X-REQUESTED-WITH", "Authorization")); corsConfiguration.setMaxAge(1800L); return corsConfiguration; }
From source file:pl.szcze.userserviceproject.RestConfiguration.java
@Bean public FilterRegistrationBean corsFilter() { UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); CorsConfiguration config = new CorsConfiguration(); config.setAllowCredentials(true);/*from w w w. j a v a 2s.c o m*/ config.addAllowedOrigin("*"); config.addAllowedHeader("x-requested-with"); config.addAllowedHeader("x-auth-token"); config.addAllowedMethod("OPTIONS"); config.addAllowedMethod("HEAD"); config.addAllowedMethod("GET"); config.addAllowedMethod("PUT"); config.addAllowedMethod("POST"); config.addAllowedMethod("DELETE"); config.addAllowedMethod("PATCH"); config.setMaxAge(3600l); source.registerCorsConfiguration("/**", config); // return new CorsFilter(source); final FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source)); bean.setOrder(0); return bean; }
From source file:com.orange.clara.pivotaltrackermirror.config.AppConfig.java
@Bean public CorsFilter corsFilter() { UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); CorsConfiguration config = new CorsConfiguration(); config.setAllowCredentials(true);//from w w w .j av a 2 s .com config.addAllowedOrigin("*"); config.addAllowedHeader("*"); config.addAllowedMethod("*"); source.registerCorsConfiguration("/**", config); return new CorsFilter(source); }
From source file:io.github.proxyprint.kitchen.WebAppConfig.java
@Bean public CorsFilter corsFilter() { UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); CorsConfiguration config = new CorsConfiguration(); config.setAllowCredentials(true); // you USUALLY want this config.addAllowedOrigin("*"); config.addAllowedHeader("*"); config.addAllowedMethod("GET"); config.addAllowedMethod("POST"); config.addAllowedMethod("DELETE"); config.addAllowedMethod("PUT"); source.registerCorsConfiguration("/**", config); return new CorsFilter(source); }
From source file:com.meals.on.wheels.MealsOnWheelsApplication.java
@Bean public CorsFilter corsFilter() { UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); CorsConfiguration config = new CorsConfiguration(); config.setAllowCredentials(true); // you USUALLY want this config.addAllowedOrigin("*"); config.addAllowedHeader("*"); config.addAllowedMethod("GET"); config.addAllowedMethod("POST"); source.registerCorsConfiguration("/**", config); return new CorsFilter(source); }
From source file:com.todo.backend.config.WebConfiguration.java
@Bean @Profile("dev")//from w w w . j ava 2 s .c o m public CorsFilter corsFilter() { log.info("Initializing CORS filter..."); final CorsConfiguration config = new CorsConfiguration(); config.setAllowCredentials(true); config.addAllowedOrigin("*"); config.addAllowedHeader("*"); config.addAllowedMethod("GET"); config.addAllowedMethod("PUT"); config.addAllowedMethod("POST"); config.addAllowedMethod("DELETE"); config.addAllowedMethod("OPTIONS"); config.setMaxAge(1800L); final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); source.registerCorsConfiguration("/api/**", config); source.registerCorsConfiguration("/v2/api-docs/**", config); return new CorsFilter(source); }
From source file:me.jcala.xmarket.server.conf.RestConfig.java
/** * //from w w w. j a v a2 s . com */ @Bean public CorsFilter corsFilter() { UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); CorsConfiguration configuration = new CorsConfiguration(); configuration.setAllowCredentials(true); configuration.addAllowedOrigin("*"); configuration.addAllowedHeader("*"); configuration.setAllowedMethods(Arrays.asList("GET", "PUT", "POST", "DELETE")); source.registerCorsConfiguration("/**", configuration); return new CorsFilter(source); }