CorsService (Restlet API 2.4.4

java.lang.Object
- org.restlet.service.Service
- - org.restlet.service.CorsService

public class CorsService
extends Service

Application service that adds support of CORS. This service lets the target resource specifies the allowed methods. Example:

 CorsService corsService = new CorsService();
 corsService.setAllowedOrigins(new HashSet(Arrays.asList("http://server.com")));
 corsService.setAllowedCredentials(true);

Author:: Manuel Boillod

Constructor Summary

Constructors
Constructor and Description

CorsService()
Constructor.

CorsService(boolean enabled)
Constructor.

Constructors
Constructor and Description
`CorsService()` Constructor.
`CorsService(boolean enabled)` Constructor.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`Filter`	`createInboundFilter(Context context)` Create the filter that should be invoked for incoming calls.
`java.util.Set<java.lang.String>`	`getAllowedHeaders()` Returns the modifiable set of headers allowed by the actual request on the current resource.
`java.util.Set<java.lang.String>`	`getAllowedOrigins()` Returns the URI an origin server allows for the requested resource.
`java.util.Set<Method>`	`getDefaultAllowedMethods()` Returns the list of methods allowed by default, used when `skippingResourceForCorsOptions` is turned on.
`java.util.Set<java.lang.String>`	`getExposedHeaders()` Returns a modifiable whitelist of headers an origin server allows for the requested resource.
`int`	`getMaxAge()` Indicates how long (in seconds) the results of a preflight request can be cached in a preflight result cache.
`boolean`	`isAllowedCredentials()` If true, adds 'Access-Control-Allow-Credentials' header.
`boolean`	`isAllowingAllRequestedHeaders()` If true, indicates that the value of 'Access-Control-Request-Headers' request header will be copied into the 'Access-Control-Allow-Headers' response header.
`boolean`	`isSkippingResourceForCorsOptions()` If true, the filter does not call the server resource for OPTIONS method of CORS request and set Access-Control-Allow-Methods header with the default methods.
`void`	`setAllowedCredentials(boolean allowedCredentials)` If true, adds 'Access-Control-Allow-Credentials' header.
`void`	`setAllowedHeaders(java.util.Set<java.lang.String> allowedHeaders)` Sets the value of the 'Access-Control-Allow-Headers' response header.
`void`	`setAllowedOrigins(java.util.Set<java.lang.String> allowedOrigins)` Sets the value of 'Access-Control-Allow-Origin' header.
`void`	`setAllowingAllRequestedHeaders(boolean allowingAllRequestedHeaders)` If true, copies the value of 'Access-Control-Request-Headers' request header into the 'Access-Control-Allow-Headers' response header.
`void`	`setDefaultAllowedMethods(java.util.Set<Method> defaultAllowedMethods)` Sets the list of methods allowed by default, used when `skippingResourceForCorsOptions` is turned on.
`void`	`setExposedHeaders(java.util.Set<java.lang.String> exposedHeaders)` Sets the value of 'Access-Control-Expose-Headers' response header.
`void`	`setMaxAge(int maxAge)` Sets the value of 'Access-Control-Max-Age' response header.
`void`	`setSkippingResourceForCorsOptions(boolean skipResourceForCorsOptions)` Sets the value of skipResourceForCorsOptions field.

Methods inherited from class org.restlet.service.Service
createOutboundFilter, getContext, isEnabled, isStarted, isStopped, setContext, setEnabled, start, stop

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - CorsService
```
public CorsService()
```
    Constructor.
  - CorsService
```
public CorsService(boolean enabled)
```
    Constructor.
    
    Parameters:
    
    enabled - True if the service has been enabled.
- Method Detail
  - createInboundFilter
```
public Filter createInboundFilter(Context context)
```
    Description copied from class: Service
    
    Create the filter that should be invoked for incoming calls.
    
    Overrides:
    
    createInboundFilter in class Service
    
    Parameters:
    
    context - The current context.
    
    Returns:
    
    The new filter or null.
  - getAllowedHeaders
```
public java.util.Set<java.lang.String> getAllowedHeaders()
```
    Returns the modifiable set of headers allowed by the actual request on the current resource.
    Note that when used with HTTP connectors, this property maps to the "Access-Control-Allow-Headers" header.
    
    Returns:
    
    The set of headers allowed by the actual request on the current resource.
  - getAllowedOrigins
```
public java.util.Set<java.lang.String> getAllowedOrigins()
```
    Returns the URI an origin server allows for the requested resource. Use "*" as a wildcard character.
    Note that when used with HTTP connectors, this property maps to the "Access-Control-Allow-Origin" header.
    
    Returns:
    
    The origin allowed by the requested resource.
  - getDefaultAllowedMethods
```
public java.util.Set<Method> getDefaultAllowedMethods()
```
    Returns the list of methods allowed by default, used when skippingResourceForCorsOptions is turned on.
    
    Returns:
    
    The list of methods allowed by default, used when skippingResourceForCorsOptions is turned on.
  - getExposedHeaders
```
public java.util.Set<java.lang.String> getExposedHeaders()
```
    Returns a modifiable whitelist of headers an origin server allows for the requested resource.
    Note that when used with HTTP connectors, this property maps to the "Access-Control-Expose-Headers" header.
    
    Returns:
    
    The set of headers an origin server allows for the requested resource.
  - getMaxAge
```
public int getMaxAge()
```
    Indicates how long (in seconds) the results of a preflight request can be cached in a preflight result cache.
    In case of a negative value, the results of a preflight request is not meant to be cached.
    Note that when used with HTTP connectors, this property maps to the "Access-Control-Max-Age" header.
    
    Returns:
    
    Indicates how long the results of a preflight request can be cached in a preflight result cache.
  - isAllowedCredentials
```
public boolean isAllowedCredentials()
```
    If true, adds 'Access-Control-Allow-Credentials' header.
    
    Returns:
    
    True, if the 'Access-Control-Allow-Credentials' header will be added.
  - isAllowingAllRequestedHeaders
```
public boolean isAllowingAllRequestedHeaders()
```
    If true, indicates that the value of 'Access-Control-Request-Headers' request header will be copied into the 'Access-Control-Allow-Headers' response header. If false, use allowedHeaders.
    
    Returns:
    
    True to copy the value
  - isSkippingResourceForCorsOptions
```
public boolean isSkippingResourceForCorsOptions()
```
    If true, the filter does not call the server resource for OPTIONS method of CORS request and set Access-Control-Allow-Methods header with the default methods. Default is false.
    
    Returns:
    
    True if the filter does not call the server resource for OPTIONS method of CORS request.
  - setAllowedCredentials
```
public void setAllowedCredentials(boolean allowedCredentials)
```
    If true, adds 'Access-Control-Allow-Credentials' header.
    
    Parameters:
    
    allowedCredentials - True to add the 'Access-Control-Allow-Credentials' header.
  - setAllowedHeaders
```
public void setAllowedHeaders(java.util.Set<java.lang.String> allowedHeaders)
```
    Sets the value of the 'Access-Control-Allow-Headers' response header. Used only if allowingAllRequestedHeaders is false.
    
    Parameters:
    
    allowedHeaders - The value of 'Access-Control-Allow-Headers' response header.
  - setAllowedOrigins
```
public void setAllowedOrigins(java.util.Set<java.lang.String> allowedOrigins)
```
    Sets the value of 'Access-Control-Allow-Origin' header.
    
    Parameters:
    
    allowedOrigins - The value of 'Access-Control-Allow-Origin' header.
  - setAllowingAllRequestedHeaders
```
public void setAllowingAllRequestedHeaders(boolean allowingAllRequestedHeaders)
```
    If true, copies the value of 'Access-Control-Request-Headers' request header into the 'Access-Control-Allow-Headers' response header. If false, use allowedHeaders.
    
    Parameters:
    
    allowingAllRequestedHeaders - True to copy the value of 'Access-Control-Request-Headers' request header into the 'Access-Control-Allow-Headers' response header. If false, use allowedHeaders.
  - setDefaultAllowedMethods
```
public void setDefaultAllowedMethods(java.util.Set<Method> defaultAllowedMethods)
```
    Sets the list of methods allowed by default, used when skippingResourceForCorsOptions is turned on.
    
    Parameters:
    
    defaultAllowedMethods - The list of methods allowed by default, used when skippingResourceForCorsOptions is turned on.
  - setExposedHeaders
```
public void setExposedHeaders(java.util.Set<java.lang.String> exposedHeaders)
```
    Sets the value of 'Access-Control-Expose-Headers' response header.
    
    Parameters:
    
    exposedHeaders - The value of 'Access-Control-Expose-Headers' response header.
  - setMaxAge
```
public void setMaxAge(int maxAge)
```
    Sets the value of 'Access-Control-Max-Age' response header.
    In case of negative value, the header is not set.
    
    Parameters:
    
    maxAge - The value of 'Access-Control-Max-Age' response header.
  - setSkippingResourceForCorsOptions
```
public void setSkippingResourceForCorsOptions(boolean skipResourceForCorsOptions)
```
    Sets the value of skipResourceForCorsOptions field.
    
    Parameters:
    
    skipResourceForCorsOptions - True if the filter does not call the server resource for OPTIONS method of CORS request.

Class CorsService

Constructor Summary

Method Summary

Methods inherited from class org.restlet.service.Service

Methods inherited from class java.lang.Object

Constructor Detail

CorsService

CorsService

Method Detail

createInboundFilter

getAllowedHeaders

getAllowedOrigins

getDefaultAllowedMethods

getExposedHeaders

getMaxAge

isAllowedCredentials

isAllowingAllRequestedHeaders

isSkippingResourceForCorsOptions

setAllowedCredentials

setAllowedHeaders

setAllowedOrigins

setAllowingAllRequestedHeaders

setDefaultAllowedMethods

setExposedHeaders

setMaxAge

setSkippingResourceForCorsOptions