Interface CorsHandler
- All Superinterfaces:
Handler<RoutingContext>, SecurityPolicyHandler
A handler which implements server side http://www.w3.org/TR/cors/[CORS] support for Vert.x-Web.
- Author:
- Tim Fox, Paulo Lopes
-
Method Summary
Modifier and TypeMethodDescriptionAdd an origin to the list of allowed Origins.addOrigins(List<String> origins) Set the list of allowed origins.addOriginsWithRegex(List<String> origins) Set the list of allowed regex origins.addOriginWithRegex(String origin) Add a regex origin to the list of allowed Origins.allowCredentials(boolean allow) Set whether credentials are allowed.allowedHeader(String headerName) Add an allowed headerallowedHeaders(Set<String> headerNames) Add a set of allowed headersallowedMethod(HttpMethod method) Add an allowed methodallowedMethods(Set<HttpMethod> methods) Add a set of allowed methodsallowPrivateNetwork(boolean allow) Set whether access from public to private networks are allowed.static CorsHandlercreate()Create a empty CORS handler that allows*origin.exposedHeader(String headerName) Add an exposed headerexposedHeaders(Set<String> headerNames) Add a set of exposed headersmaxAgeSeconds(int maxAgeSeconds) Set how long the browser should cache the information
-
Method Details
-
create
-
addOrigin
Add an origin to the list of allowed Origins. An origin follows rfc6454#section-7 and is expected to have the format:<scheme> "://" <hostname> [ ":" <port> ]- Parameters:
origin- the well formatted static origin- Returns:
- self
-
addOriginsWithRegex
Set the list of allowed regex origins. A regex origin is a pattern that should match the format<scheme> "://" <hostname> [ ":" <port> ].- Parameters:
origins- the well formatted regex origin list- Returns:
- self
-
addOriginWithRegex
Add a regex origin to the list of allowed Origins. A regex origin is a pattern that should match the format<scheme> "://" <hostname> [ ":" <port> ].- Parameters:
origin- the well formatted static origin- Returns:
- self
-
addOrigins
Set the list of allowed origins. An origin follows rfc6454#section-7 and is expected to have the format:<scheme> "://" <hostname> [ ":" <port> ]- Parameters:
origins- the well formatted static origin list- Returns:
- self
-
allowedMethod
Add an allowed method- Parameters:
method- the method to add- Returns:
- a reference to this, so the API can be used fluently
-
allowedMethods
Add a set of allowed methods- Parameters:
methods- the methods to add- Returns:
- a reference to this, so the API can be used fluently
-
allowedHeader
Add an allowed header- Parameters:
headerName- the allowed header name- Returns:
- a reference to this, so the API can be used fluently
-
allowedHeaders
Add a set of allowed headers- Parameters:
headerNames- the allowed header names- Returns:
- a reference to this, so the API can be used fluently
-
exposedHeader
Add an exposed header- Parameters:
headerName- the exposed header name- Returns:
- a reference to this, so the API can be used fluently
-
exposedHeaders
Add a set of exposed headers- Parameters:
headerNames- the exposed header names- Returns:
- a reference to this, so the API can be used fluently
-
allowCredentials
Set whether credentials are allowed. Note that user agents will block requests that use a wildcard as origin and include credentials. From the MDN documentation you can read:Important note: when responding to a credentialed request, server must specify a domain, and cannot use wild carding.
- Parameters:
allow- true if allowed- Returns:
- a reference to this, so the API can be used fluently
-
maxAgeSeconds
Set how long the browser should cache the information- Parameters:
maxAgeSeconds- max age in seconds- Returns:
- a reference to this, so the API can be used fluently
-
allowPrivateNetwork
Set whether access from public to private networks are allowed. Defaults to false- Parameters:
allow- true if allowed- Returns:
- a reference to this, so the API can be used fluently
-