Class CorsUtils
java.lang.Object
org.springframework.web.cors.reactive.CorsUtils
Utility class for CORS reactive request handling based on the
CORS W3C recommendation.
- Since:
- 5.0
- Author:
- Sebastien Deleuze
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionstatic booleanisCorsRequest(ServerHttpRequest request) Returnstrueif the request is a valid CORS one by checkingOriginheader presence and ensuring that origins are different viaisSameOrigin(org.springframework.http.server.reactive.ServerHttpRequest).static booleanisPreFlightRequest(ServerHttpRequest request) Returnstrueif the request is a valid CORS pre-flight one by checking {code OPTIONS} method withOriginandAccess-Control-Request-Methodheaders presence.static booleanisSameOrigin(ServerHttpRequest request) Deprecated.
-
Constructor Details
-
CorsUtils
public CorsUtils()
-
-
Method Details
-
isCorsRequest
Returnstrueif the request is a valid CORS one by checkingOriginheader presence and ensuring that origins are different viaisSameOrigin(org.springframework.http.server.reactive.ServerHttpRequest). -
isPreFlightRequest
Returnstrueif the request is a valid CORS pre-flight one by checking {code OPTIONS} method withOriginandAccess-Control-Request-Methodheaders presence. -
isSameOrigin
Deprecated.as of 5.2, same-origin checks are performed directly byisCorsRequest(org.springframework.http.server.reactive.ServerHttpRequest)Check if the request is a same-origin one, based onOrigin, andHostheaders.Note: as of 5.1 this method ignores
"Forwarded"and"X-Forwarded-*"headers that specify the client-originated address. Consider using theForwardedHeaderFilterto extract and use, or to discard such headers.- Returns:
trueif the request is a same-origin one,falsein case of a cross-origin request
-
isCorsRequest(org.springframework.http.server.reactive.ServerHttpRequest)