CorsResponseHelper (Restlet Engine 2.4.4 - Java Enterprise Edition)

java.lang.Object
- org.restlet.engine.application.CorsResponseHelper

```
public class CorsResponseHelper
extends java.lang.Object
```
Helps to generate response CORS headers.
The CORS specification defines a subset of methods qualified as simple HEAD, GET and POST. Any other methods should send a preflight request with the method OPTIONS.

Author:

Manuel Boillod

See Also:

W3C CORS Specification, Simple methods

Field Summary

Fields
Modifier and Type	Field and Description
`boolean`	`allowAllRequestedHeaders` If true, copies the value of 'Access-Control-Request-Headers' request header into the 'Access-Control-Allow-Headers' response header.
`boolean`	`allowedCredentials` If true, add 'Access-Control-Allow-Credentials' header.
`java.util.Set<java.lang.String>`	`allowedHeaders` The value of 'Access-Control-Allow-Headers' response header.
`java.util.Set<java.lang.String>`	`allowedOrigins` The value of 'Access-Control-Allow-Origin' header.
`java.util.Set<java.lang.String>`	`exposedHeaders` The value of 'Access-Control-Expose-Headers' response header.
`int`	`maxAge` The value of 'Access-Control-Max-Age' response header.

Constructor Summary

Constructors
Constructor and Description

CorsResponseHelper()

Constructors
Constructor and Description
`CorsResponseHelper()`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`void`	`addCorsResponseHeaders(Request request, Response response)` Adds CORS headers to the given response.
`java.util.Set<java.lang.String>`	`getAllowedHeaders()` Returns the modifiable set of headers allowed by the actual request on the current resource.
`java.util.Set<java.lang.String>`	`getAllowedOrigins()` Returns the URI an origin server allows for the requested resource.
`java.util.Set<java.lang.String>`	`getExposedHeaders()` Returns a modifiable whitelist of headers an origin server allows for the requested resource.
`int`	`getMaxAge()` Indicates how long (in seconds) the results of a preflight request can be cached in a preflight result cache.
`boolean`	`isAllowAllRequestedHeaders()` If true, indicates that the value of 'Access-Control-Request-Headers' request header will be copied into the 'Access-Control-Allow-Headers' response header.
`boolean`	`isAllowedCredentials()` If true, adds 'Access-Control-Allow-Credentials' header.
`boolean`	`isCorsRequest(Request request)` Returns true if the request is a CORS request.
`void`	`setAllowAllRequestedHeaders(boolean allowAllRequestedHeaders)` If true, copies the value of 'Access-Control-Request-Headers' request header into the 'Access-Control-Allow-Headers' response header.
`void`	`setAllowedCredentials(boolean allowedCredentials)` If true, adds 'Access-Control-Allow-Credentials' header.
`void`	`setAllowedHeaders(java.util.Set<java.lang.String> allowedHeaders)` Sets the value of the 'Access-Control-Allow-Headers' response header.
`void`	`setAllowedOrigins(java.util.Set<java.lang.String> allowedOrigins)` Sets the value of 'Access-Control-Allow-Origin' header.
`void`	`setExposedHeaders(java.util.Set<java.lang.String> exposedHeaders)` Sets the value of 'Access-Control-Expose-Headers' response header.
`void`	`setMaxAge(int maxAge)` Sets the value of 'Access-Control-Max-Age' response header.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - allowAllRequestedHeaders
```
public boolean allowAllRequestedHeaders
```
    If true, copies the value of 'Access-Control-Request-Headers' request header into the 'Access-Control-Allow-Headers' response header. If false, use allowedHeaders. Default is true.
  - allowedCredentials
```
public boolean allowedCredentials
```
    If true, add 'Access-Control-Allow-Credentials' header. Default is false.
  - allowedHeaders
```
public java.util.Set<java.lang.String> allowedHeaders
```
    The value of 'Access-Control-Allow-Headers' response header. Used only if allowAllRequestedHeaders is false.
  - allowedOrigins
```
public java.util.Set<java.lang.String> allowedOrigins
```
    The value of 'Access-Control-Allow-Origin' header. Default is '*'.
  - exposedHeaders
```
public java.util.Set<java.lang.String> exposedHeaders
```
    The value of 'Access-Control-Expose-Headers' response header.
  - maxAge
```
public int maxAge
```
    The value of 'Access-Control-Max-Age' response header. Default is that the header is not set.
- Constructor Detail
  - CorsResponseHelper
```
public CorsResponseHelper()
```
- Method Detail
  - addCorsResponseHeaders
```
public void addCorsResponseHeaders(Request request,
                                   Response response)
```
    Adds CORS headers to the given response.
    
    Parameters:
    
    request - The current request.
    
    response - The response.
  - getAllowedHeaders
```
public java.util.Set<java.lang.String> getAllowedHeaders()
```
    Returns the modifiable set of headers allowed by the actual request on the current resource.
    Note that when used with HTTP connectors, this property maps to the "Access-Control-Allow-Headers" header.
    
    Returns:
    
    The set of headers allowed by the actual request on the current resource.
  - getAllowedOrigins
```
public java.util.Set<java.lang.String> getAllowedOrigins()
```
    Returns the URI an origin server allows for the requested resource. Use "*" as a wildcard character.
    Note that when used with HTTP connectors, this property maps to the "Access-Control-Allow-Origin" header.
    
    Returns:
    
    The origin allowed by the requested resource.
  - getExposedHeaders
```
public java.util.Set<java.lang.String> getExposedHeaders()
```
    Returns a modifiable whitelist of headers an origin server allows for the requested resource.
    Note that when used with HTTP connectors, this property maps to the "Access-Control-Expose-Headers" header.
    
    Returns:
    
    The set of headers an origin server allows for the requested resource.
  - getMaxAge
```
public int getMaxAge()
```
    Indicates how long (in seconds) the results of a preflight request can be cached in a preflight result cache.
    In case of a negative value, the results of a preflight request is not meant to be cached.
    Note that when used with HTTP connectors, this property maps to the "Access-Control-Max-Age" header.
    
    Returns:
    
    Indicates how long the results of a preflight request can be cached in a preflight result cache.
  - isAllowAllRequestedHeaders
```
public boolean isAllowAllRequestedHeaders()
```
    If true, indicates that the value of 'Access-Control-Request-Headers' request header will be copied into the 'Access-Control-Allow-Headers' response header. If false, use allowedHeaders.
  - isAllowedCredentials
```
public boolean isAllowedCredentials()
```
    If true, adds 'Access-Control-Allow-Credentials' header.
    
    Returns:
    
    True, if the 'Access-Control-Allow-Credentials' header will be added.
  - isCorsRequest
```
public boolean isCorsRequest(Request request)
```
    Returns true if the request is a CORS request.
    
    Parameters:
    
    request - The current request.
    
    Returns:
    
    true if the request is a CORS request.
  - setAllowAllRequestedHeaders
```
public void setAllowAllRequestedHeaders(boolean allowAllRequestedHeaders)
```
    If true, copies the value of 'Access-Control-Request-Headers' request header into the 'Access-Control-Allow-Headers' response header. If false, use allowedHeaders.
    
    Parameters:
    
    allowAllRequestedHeaders - True to copy the value of 'Access-Control-Request-Headers' request header into the 'Access-Control-Allow-Headers' response header. If false, use allowedHeaders.
  - setAllowedCredentials
```
public void setAllowedCredentials(boolean allowedCredentials)
```
    If true, adds 'Access-Control-Allow-Credentials' header.
    
    Parameters:
    
    allowedCredentials - True to add the 'Access-Control-Allow-Credentials' header.
  - setAllowedHeaders
```
public void setAllowedHeaders(java.util.Set<java.lang.String> allowedHeaders)
```
    Sets the value of the 'Access-Control-Allow-Headers' response header. Used only if allowAllRequestedHeaders is false.
    
    Parameters:
    
    allowedHeaders - The value of 'Access-Control-Allow-Headers' response header.
  - setAllowedOrigins
```
public void setAllowedOrigins(java.util.Set<java.lang.String> allowedOrigins)
```
    Sets the value of 'Access-Control-Allow-Origin' header.
    
    Parameters:
    
    allowedOrigins - The value of 'Access-Control-Allow-Origin' header.
  - setExposedHeaders
```
public void setExposedHeaders(java.util.Set<java.lang.String> exposedHeaders)
```
    Sets the value of 'Access-Control-Expose-Headers' response header.
    
    Parameters:
    
    exposedHeaders - The value of 'Access-Control-Expose-Headers' response header.
  - setMaxAge
```
public void setMaxAge(int maxAge)
```
    Sets the value of 'Access-Control-Max-Age' response header.
    In case of negative value, the header is not set.
    
    Parameters:
    
    maxAge - The value of 'Access-Control-Max-Age' response header.

Class CorsResponseHelper

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

allowAllRequestedHeaders

allowedCredentials

allowedHeaders

allowedOrigins

exposedHeaders

maxAge

Constructor Detail

CorsResponseHelper

Method Detail

addCorsResponseHeaders

getAllowedHeaders

getAllowedOrigins

getExposedHeaders

getMaxAge

isAllowAllRequestedHeaders

isAllowedCredentials

isCorsRequest

setAllowAllRequestedHeaders

setAllowedCredentials

setAllowedHeaders

setAllowedOrigins

setExposedHeaders

setMaxAge