Example usage for org.springframework.web.util WebUtils isValidOrigin

List of usage examples for org.springframework.web.util WebUtils isValidOrigin

  1. HOME
  2. Java
  3. org.springframework
  4. org.springframework.web.util.*
  5. WebUtils
  6. isValidOrigin

Introduction

In this page you can find the example usage for org.springframework.web.util WebUtils isValidOrigin.

Prototype

public static boolean isValidOrigin(HttpRequest request, Collection<String> allowedOrigins)

Source Link

Document

Check the given request origin against a list of allowed origins.

Usage

From source file:org.springframework.web.socket.server.support.OriginHandshakeInterceptor.java

@Override
public boolean beforeHandshake(ServerHttpRequest request, ServerHttpResponse response,
        WebSocketHandler wsHandler, Map<String, Object> attributes) throws Exception {

    if (!WebUtils.isSameOrigin(request) && !WebUtils.isValidOrigin(request, this.allowedOrigins)) {
        response.setStatusCode(HttpStatus.FORBIDDEN);
        if (logger.isDebugEnabled()) {
            logger.debug("Handshake request rejected, Origin header value " + request.getHeaders().getOrigin()
                    + " not allowed");
        }//  ww  w  .  j  a  v  a2s  .  com
        return false;
    }
    return true;
}

From source file:org.springframework.web.socket.sockjs.support.AbstractSockJsService.java

protected boolean checkOrigin(ServerHttpRequest request, ServerHttpResponse response, HttpMethod... httpMethods)
        throws IOException {

    if (WebUtils.isSameOrigin(request)) {
        return true;
    }//from   w  w w  . j  a v  a 2 s  .c  o  m

    if (!WebUtils.isValidOrigin(request, this.allowedOrigins)) {
        if (logger.isWarnEnabled()) {
            logger.warn("Origin header value '" + request.getHeaders().getOrigin() + "' not allowed.");
        }
        response.setStatusCode(HttpStatus.FORBIDDEN);
        return false;
    }

    return true;
}