Class DefaultCorsProcessor
java.lang.Object
org.springframework.web.cors.reactive.DefaultCorsProcessor
- All Implemented Interfaces:
CorsProcessor
The default implementation of
CorsProcessor,
as defined by the CORS W3C recommendation.
Note that when input CorsConfiguration is null, this
implementation does not reject simple or actual requests outright but simply
avoid adding CORS headers to the response. CORS processing is also skipped
if the response already contains CORS headers.
- Since:
- 5.0
- Author:
- Sebastien Deleuze, Rossen Stoyanchev
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptioncheckHeaders(CorsConfiguration config, List<String> requestHeaders) Check the headers and determine the headers for the response of a pre-flight request.protected List<HttpMethod>checkMethods(CorsConfiguration config, HttpMethod requestMethod) Check the HTTP method and determine the methods for the response of a pre-flight request.protected StringcheckOrigin(CorsConfiguration config, String requestOrigin) Check the origin and determine the origin for the response.protected booleanhandleInternal(ServerWebExchange exchange, CorsConfiguration config, boolean preFlightRequest) Handle the given request.booleanprocess(CorsConfiguration config, ServerWebExchange exchange) Process a request using the givenCorsConfiguration.protected voidrejectRequest(ServerHttpResponse response) Invoked when one of the CORS checks failed.
-
Constructor Details
-
DefaultCorsProcessor
public DefaultCorsProcessor()
-
-
Method Details
-
process
Description copied from interface:CorsProcessorProcess a request using the givenCorsConfiguration.- Specified by:
processin interfaceCorsProcessor- Parameters:
config- the CORS configuration to use; possiblynullin which case pre-flight requests are rejected, but all others allowed.exchange- the current exchange- Returns:
falseif the request was rejected,trueotherwise
-
rejectRequest
Invoked when one of the CORS checks failed. -
handleInternal
protected boolean handleInternal(ServerWebExchange exchange, CorsConfiguration config, boolean preFlightRequest) Handle the given request. -
checkOrigin
Check the origin and determine the origin for the response. The default implementation simply delegates toCorsConfiguration.checkOrigin(String). -
checkMethods
@Nullable protected List<HttpMethod> checkMethods(CorsConfiguration config, @Nullable HttpMethod requestMethod) Check the HTTP method and determine the methods for the response of a pre-flight request. The default implementation simply delegates toCorsConfiguration.checkHttpMethod(HttpMethod). -
checkHeaders
@Nullable protected List<String> checkHeaders(CorsConfiguration config, List<String> requestHeaders) Check the headers and determine the headers for the response of a pre-flight request. The default implementation simply delegates toCorsConfiguration.checkOrigin(String).
-