Interface CorsHandler

    • Method Detail

      • create

        static CorsHandler create()
        Create a empty CORS handler that allows * origin.
        Returns:
        the handler
      • addOrigin

        CorsHandler addOrigin​(String origin)
        Add an origin to the list of allowed Origins. An origin follows rfc6454#section-7 and is expected to have the format: <scheme> "://" <hostname> [ ":" <port> ]
        Parameters:
        origin - the well formatted static origin
        Returns:
        self
      • addRelativeOrigins

        CorsHandler addRelativeOrigins​(List<String> origins)
        Set the list of allowed relative origins. A relative origin is a regex that should match the format <scheme> "://" <hostname> [ ":" <port> ].
        Parameters:
        origins - the well formatted relative origin list
        Returns:
        self
      • addRelativeOrigin

        CorsHandler addRelativeOrigin​(String origin)
        Add a relative origin to the list of allowed Origins. A relative origin is a regex that should match the format <scheme> "://" <hostname> [ ":" <port> ].
        Parameters:
        origin - the well formatted static origin
        Returns:
        self
      • addOrigins

        CorsHandler addOrigins​(List<String> origins)
        Set the list of allowed origins. An origin follows rfc6454#section-7 and is expected to have the format: <scheme> "://" <hostname> [ ":" <port> ]
        Parameters:
        origins - the well formatted static origin list
        Returns:
        self
      • allowedMethod

        CorsHandler allowedMethod​(HttpMethod method)
        Add an allowed method
        Parameters:
        method - the method to add
        Returns:
        a reference to this, so the API can be used fluently
      • allowedMethods

        CorsHandler allowedMethods​(Set<HttpMethod> methods)
        Add a set of allowed methods
        Parameters:
        methods - the methods to add
        Returns:
        a reference to this, so the API can be used fluently
      • allowedHeader

        CorsHandler allowedHeader​(String headerName)
        Add an allowed header
        Parameters:
        headerName - the allowed header name
        Returns:
        a reference to this, so the API can be used fluently
      • allowedHeaders

        CorsHandler allowedHeaders​(Set<String> headerNames)
        Add a set of allowed headers
        Parameters:
        headerNames - the allowed header names
        Returns:
        a reference to this, so the API can be used fluently
      • exposedHeader

        CorsHandler exposedHeader​(String headerName)
        Add an exposed header
        Parameters:
        headerName - the exposed header name
        Returns:
        a reference to this, so the API can be used fluently
      • exposedHeaders

        CorsHandler exposedHeaders​(Set<String> headerNames)
        Add a set of exposed headers
        Parameters:
        headerNames - the exposed header names
        Returns:
        a reference to this, so the API can be used fluently
      • allowCredentials

        CorsHandler allowCredentials​(boolean allow)
        Set whether credentials are allowed. Note that user agents will block requests that use a wildcard as origin and include credentials. From the MDN documentation you can read:
        Important note: when responding to a credentialed request, server must specify a domain, and cannot use wild carding.
        Parameters:
        allow - true if allowed
        Returns:
        a reference to this, so the API can be used fluently
      • maxAgeSeconds

        CorsHandler maxAgeSeconds​(int maxAgeSeconds)
        Set how long the browser should cache the information
        Parameters:
        maxAgeSeconds - max age in seconds
        Returns:
        a reference to this, so the API can be used fluently
      • allowPrivateNetwork

        CorsHandler allowPrivateNetwork​(boolean allow)
        Set whether access from public to private networks are allowed. Defaults to false
        Parameters:
        allow - true if allowed
        Returns:
        a reference to this, so the API can be used fluently