Class CrossOriginConfig

java.lang.Object
io.helidon.webserver.cors.CrossOriginConfig

public class CrossOriginConfig extends Object
Represents information about cross origin request sharing. Applications can obtain a new instance in three ways:
  • Use a Builder explicitly.

    Obtain a suitable builder by:

    and then invoke methods on the builder as needed. Finally invoke the builder's build method to create the instance.
  • Invoke the static create(Config) method, passing a config node containing the cross-origin information to be converted. This is a convenience method equivalent to creating a builder using the config node and then invoking build().
  • Invoke the static create() method which returns a CrossOriginConfig instance which implements the default CORS behavior.
See Also:
  • Field Details

    • CORS_PATHS_CONFIG_KEY

      public static final String CORS_PATHS_CONFIG_KEY
      Key for the node within the CORS config that contains the list of path information.
      See Also:
    • ACCESS_CONTROL_ALLOW_HEADERS

      public static final String ACCESS_CONTROL_ALLOW_HEADERS
      Header Access-Control-Allow-Headers.
      See Also:
    • ACCESS_CONTROL_ALLOW_METHODS

      public static final String ACCESS_CONTROL_ALLOW_METHODS
      Header Access-Control-Allow-Methods.
      See Also:
    • ACCESS_CONTROL_ALLOW_CREDENTIALS

      public static final String ACCESS_CONTROL_ALLOW_CREDENTIALS
      Header Access-Control-Allow-Credentials.
      See Also:
    • ACCESS_CONTROL_MAX_AGE

      public static final String ACCESS_CONTROL_MAX_AGE
      Header Access-Control-Max-Age.
      See Also:
    • ACCESS_CONTROL_EXPOSE_HEADERS

      public static final String ACCESS_CONTROL_EXPOSE_HEADERS
      Header Access-Control-Expose-Headers.
      See Also:
    • ACCESS_CONTROL_ALLOW_ORIGIN

      public static final String ACCESS_CONTROL_ALLOW_ORIGIN
      Header Access-Control-Allow-Origin.
      See Also:
    • ACCESS_CONTROL_REQUEST_HEADERS

      public static final String ACCESS_CONTROL_REQUEST_HEADERS
      Header Access-Control-Request-Headers.
      See Also:
    • ACCESS_CONTROL_REQUEST_METHOD

      public static final String ACCESS_CONTROL_REQUEST_METHOD
      Header Access-Control-Request-Method.
      See Also:
    • DEFAULT_AGE

      public static final long DEFAULT_AGE
      Default cache expiration in seconds.
      See Also:
  • Method Details

    • builder

      public static CrossOriginConfig.Builder builder()
      Returns:
      a new builder for basic cross origin config
    • builder

      public static CrossOriginConfig.Builder builder(Config config)
      Creates a new CrossOriginConfig.Builder using the provided config node.

      Although this method is equivalent to builder().config(config) it conveniently combines those two steps for use as a method reference.

      Parameters:
      config - node containing cross-origin information
      Returns:
      new CrossOriginConfig.Builder instance based on the configuration
    • builder

      public static CrossOriginConfig.Builder builder(CrossOriginConfig original)
      Initializes a new CrossOriginConfig.Builder from the values in an existing CrossOriginConfig object.
      Parameters:
      original - the existing cross-origin config object
      Returns:
      new Builder initialized from the existing object's settings
    • create

      public static CrossOriginConfig create()
      Creates a new CrossOriginConfig instance which represents the default CORS behavior.
      Returns:
      new default CrossOriginConfig instance
    • create

      public static CrossOriginConfig create(Config corsConfig)
      Creates a new CrossOriginConfig instance based on the provided configuration node.
      Parameters:
      corsConfig - node containing CORS information
      Returns:
      new CrossOriginConfig based on the configuration
    • pathPattern

      public String pathPattern()
      Returns:
      the configured path expression; defaults to a "match-everything" pattern
    • isEnabled

      public boolean isEnabled()
      Returns:
      whether this cross-origin config is enabled
    • allowOrigins

      public String[] allowOrigins()
      Returns:
      the allowed origins
    • allowHeaders

      public String[] allowHeaders()
      Returns:
      the allowed headers
    • exposeHeaders

      public String[] exposeHeaders()
      Returns:
      headers OK to expose in responses
    • allowMethods

      public String[] allowMethods()
      Returns:
      allowed methods
    • allowCredentials

      public boolean allowCredentials()
      Returns:
      allowed credentials
    • maxAgeSeconds

      public long maxAgeSeconds()
      Returns:
      maximum age
    • matches

      public boolean matches(String method)
      Reports whether the specified HTTP method name matches this CrossOriginConfig.
      Parameters:
      method - HTTP method name to check
      Returns:
      true if this CrossOriginConfig matches the specified method; false otherwise
    • toString

      public String toString()
      Overrides:
      toString in class Object