Java Code Examples for org.springframework.web.cors.CorsConfiguration#setMaxAge()

The following examples show how to use org.springframework.web.cors.CorsConfiguration#setMaxAge() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: MallZuulApplication.java    From mall with Apache License 2.0 6 votes vote down vote up
@Bean
public CorsFilter corsFilter() {
    final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    final CorsConfiguration config = new CorsConfiguration();
    config.setAllowCredentials(true); // 允许cookies跨域
    config.addAllowedOrigin("*");// #允许向该服务器提交请求的URI,*表示全部允许,在SpringMVC中,如果设成*,会自动转成当前请求头中的Origin
    config.addAllowedHeader("*");// #允许访问的头信息,*表示全部
    config.setMaxAge(18000L);// 预检请求的缓存时间(秒),即在这个时间段里,对于相同的跨域请求不会再预检了
    config.addAllowedMethod("OPTIONS");// 允许提交请求的方法,*表示全部允许
    config.addAllowedMethod("HEAD");
    config.addAllowedMethod("GET");// 允许Get的请求方法
    config.addAllowedMethod("PUT");
    config.addAllowedMethod("POST");
    config.addAllowedMethod("DELETE");
    config.addAllowedMethod("PATCH");
    source.registerCorsConfiguration("/**", config);
    return new CorsFilter(source);
}
 
Example 2
Source File: GatewayConfiguration.java    From open-cloud with MIT License 6 votes vote down vote up
/**
 * 跨域配置
 *
 * @return
 */
@Bean
public FilterRegistrationBean corsFilter() {
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    CorsConfiguration config = new CorsConfiguration();
    config.setAllowCredentials(true);
    config.setAllowedHeaders(Lists.newArrayList(ALLOWED_HEADERS.split(",")));
    config.setAllowedOrigins(Lists.newArrayList(ALLOWED_ORIGIN.split(",")));
    config.setAllowedMethods(Lists.newArrayList(ALLOWED_METHODS.split(",")));
    config.setMaxAge(MAX_AGE);
    config.addExposedHeader(ALLOWED_EXPOSE);

    source.registerCorsConfiguration("/**", config);
    FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
    //最大优先级,设置0不好使
    bean.setOrder(Ordered.HIGHEST_PRECEDENCE);
    log.info("CorsFilter [{}]", bean);
    return bean;
}
 
Example 3
Source File: CorsConfig.java    From watchdog-framework with MIT License 6 votes vote down vote up
@Bean
public CorsFilter corsFilter(){
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    CorsConfiguration corsConfiguration = new CorsConfiguration();
    corsConfiguration.setMaxAge(1728000L);
    corsConfiguration.setAllowCredentials(true);
    corsConfiguration.addAllowedOrigin("*");
    corsConfiguration.addAllowedHeader("*");
    corsConfiguration.addAllowedMethod("PUT");
    corsConfiguration.addAllowedMethod("GET");
    corsConfiguration.addAllowedMethod("POST");
    corsConfiguration.addAllowedMethod("PATCH");
    corsConfiguration.addAllowedMethod("OPTIONS");
    corsConfiguration.addAllowedMethod("DELETE");
    source.registerCorsConfiguration("/**", corsConfiguration);
    return new CorsFilter(source);
}
 
Example 4
Source File: CrossDomainConfig.java    From cloud-service with MIT License 5 votes vote down vote up
/**
 * 跨域支持
 *
 * @return
 */
@Bean
public CorsFilter corsFilter() {
    final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    final CorsConfiguration config = new CorsConfiguration();
    config.setAllowCredentials(true); // 允许cookies跨域
    config.addAllowedOrigin("*");// #允许向该服务器提交请求的URI,*表示全部允许
    config.addAllowedHeader("*");// #允许访问的头信息,*表示全部
    config.setMaxAge(18000L);// 预检请求的缓存时间(秒),即在这个时间段里,对于相同的跨域请求不会再预检了
    config.addAllowedMethod("*");// 允许提交请求的方法,*表示全部允许
    source.registerCorsConfiguration("/**", config);
    return new CorsFilter(source);
}
 
Example 5
Source File: SecurityConfig.java    From springboot-vue.js-bbs with Apache License 2.0 5 votes vote down vote up
@Bean
public CorsConfigurationSource corsConfigurationSource() {
    final CorsConfiguration configuration = new CorsConfiguration();
    configuration.setAllowedOrigins(Arrays.asList("*"));
    configuration.setAllowedMethods(Arrays.asList("HEAD", "GET", "POST", "PUT", "DELETE", "PATCH"));
    configuration.setAllowedHeaders(Arrays.asList("Authorization", "Cache-Control", "Content-Type"));
    configuration.setAllowCredentials(false);
    configuration.setMaxAge(3600L);
    final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    source.registerCorsConfiguration("/api/**", configuration);
    return source;
}
 
Example 6
Source File: AbstractSockJsService.java    From java-technology-stack with MIT License 5 votes vote down vote up
@Override
@Nullable
public CorsConfiguration getCorsConfiguration(HttpServletRequest request) {
	if (!this.suppressCors && CorsUtils.isCorsRequest(request)) {
		CorsConfiguration config = new CorsConfiguration();
		config.setAllowedOrigins(new ArrayList<>(this.allowedOrigins));
		config.addAllowedMethod("*");
		config.setAllowCredentials(true);
		config.setMaxAge(ONE_YEAR);
		config.addAllowedHeader("*");
		return config;
	}
	return null;
}
 
Example 7
Source File: SecurityConfiguration.java    From java-microservices-examples with Apache License 2.0 5 votes vote down vote up
@Bean
CorsWebFilter corsWebFilter() {
    CorsConfiguration corsConfig = new CorsConfiguration();
    corsConfig.setAllowedOrigins(List.of("*"));
    corsConfig.setMaxAge(3600L);
    corsConfig.addAllowedMethod("*");
    corsConfig.addAllowedHeader("*");

    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    source.registerCorsConfiguration("/**", corsConfig);

    return new CorsWebFilter(source);
}
 
Example 8
Source File: SecurityConfiguration.java    From graviteeio-access-management with Apache License 2.0 5 votes vote down vote up
@Bean
public CorsConfigurationSource corsConfigurationSource() {
    final CorsConfiguration config = new CorsConfiguration();
    config.setAllowCredentials(true);
    config.setAllowedOrigins(getPropertiesAsList("http.cors.allow-origin", "*"));
    config.setAllowedHeaders(getPropertiesAsList("http.cors.allow-headers", "Cache-Control, Pragma, Origin, Authorization, Content-Type, X-Requested-With, If-Match, " + DEFAULT_CSRF_HEADER_NAME));
    config.setAllowedMethods(getPropertiesAsList("http.cors.allow-methods", "OPTIONS, GET, POST, PUT, PATCH, DELETE"));
    config.setExposedHeaders(getPropertiesAsList("http.cors.exposed-headers", "ETag, " + DEFAULT_CSRF_HEADER_NAME));
    config.setMaxAge(environment.getProperty("http.cors.max-age", Long.class, 1728000L));

    final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    source.registerCorsConfiguration("/**", config);

    return source;
}
 
Example 9
Source File: CorsConfig.java    From code with Apache License 2.0 5 votes vote down vote up
@Bean
public CorsFilter corsFilter() {
	final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
	final CorsConfiguration config = new CorsConfiguration();

	config.setAllowCredentials(true);
	config.setAllowedOrigins(Collections.singletonList("*")); //http:www.a.com
	config.setAllowedHeaders(Collections.singletonList("*"));
	config.setAllowedMethods(Collections.singletonList("*"));
	config.setMaxAge(300L);

	source.registerCorsConfiguration("/**", config);
	return new CorsFilter(source);
}
 
Example 10
Source File: CorsAutoConfiguration.java    From hsweb-framework with Apache License 2.0 5 votes vote down vote up
private CorsConfiguration buildConfiguration(CorsProperties.CorsConfiguration config) {
    CorsConfiguration corsConfiguration = new CorsConfiguration();
    corsConfiguration.setAllowedHeaders(config.getAllowedHeaders());
    corsConfiguration.setAllowedMethods(config.getAllowedMethods());
    corsConfiguration.setAllowedOrigins(config.getAllowedOrigins());
    corsConfiguration.setAllowCredentials(config.getAllowCredentials());
    corsConfiguration.setExposedHeaders(config.getExposedHeaders());
    corsConfiguration.setMaxAge(config.getMaxAge());

    return corsConfiguration;
}
 
Example 11
Source File: AbstractSockJsService.java    From spring4-understanding with Apache License 2.0 5 votes vote down vote up
@Override
public CorsConfiguration getCorsConfiguration(HttpServletRequest request) {
	if (!this.suppressCors && CorsUtils.isCorsRequest(request)) {
		CorsConfiguration config = new CorsConfiguration();
		config.addAllowedOrigin("*");
		config.addAllowedMethod("*");
		config.setAllowCredentials(true);
		config.setMaxAge(ONE_YEAR);
		config.addAllowedHeader("*");
		return config;
	}
	return null;
}
 
Example 12
Source File: CorsConfig.java    From open-capacity-platform with Apache License 2.0 5 votes vote down vote up
/**
 * 跨域支持
 *
 * @return
 */
@Bean
public CorsFilter corsFilter() {
    final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    final CorsConfiguration config = new CorsConfiguration();
    config.setAllowCredentials(true); // 允许cookies跨域
    config.addAllowedOrigin("*");// #允许向该服务器提交请求的URI,*表示全部允许
    config.addAllowedHeader("*");// #允许访问的头信息,*表示全部
    config.setMaxAge(18000L);// 预检请求的缓存时间(秒),即在这个时间段里,对于相同的跨域请求不会再预检了
    config.addAllowedMethod("*");// 允许提交请求的方法,*表示全部允许
    source.registerCorsConfiguration("/**", config);
    return new CorsFilter(source);
}
 
Example 13
Source File: CorsConfig.java    From open-capacity-platform with Apache License 2.0 5 votes vote down vote up
@Bean
public CorsFilter corsFilter() {
    final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    final CorsConfiguration config = new CorsConfiguration();
    config.setAllowCredentials(true); // 允许cookies跨域
    config.addAllowedOrigin("*");// #允许向该服务器提交请求的URI,*表示全部允许
    config.addAllowedHeader("*");// #允许访问的头信息,*表示全部
    config.setMaxAge(18000L);// 预检请求的缓存时间(秒),即在这个时间段里,对于相同的跨域请求不会再预检了
    config.addAllowedMethod("*");// 允许提交请求的方法,*表示全部允许
    source.registerCorsConfiguration("/**", config);
    return new CorsFilter(source);
}
 
Example 14
Source File: CorsWebFilterConfig.java    From tutorials with MIT License 5 votes vote down vote up
@Bean
CorsWebFilter corsWebFilter() {
    CorsConfiguration corsConfig = new CorsConfiguration();
    corsConfig.setAllowedOrigins(Arrays.asList("http://allowed-origin.com"));
    corsConfig.setMaxAge(8000L);
    corsConfig.addAllowedMethod("PUT");
    corsConfig.addAllowedHeader("Baeldung-Allowed");

    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(new PathPatternParser());
    source.registerCorsConfiguration("/**", corsConfig);

    return new CorsWebFilter(source);
}
 
Example 15
Source File: CorsConfig.java    From open-capacity-platform with Apache License 2.0 5 votes vote down vote up
/**
 * 跨域支持
 *
 * @return
 */
@Bean
public CorsFilter corsFilter() {
    final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    final CorsConfiguration config = new CorsConfiguration();
    config.setAllowCredentials(true); // 允许cookies跨域
    config.addAllowedOrigin("*");// #允许向该服务器提交请求的URI,*表示全部允许
    config.addAllowedHeader("*");// #允许访问的头信息,*表示全部
    config.setMaxAge(18000L);// 预检请求的缓存时间(秒),即在这个时间段里,对于相同的跨域请求不会再预检了
    config.addAllowedMethod("*");// 允许提交请求的方法,*表示全部允许
    source.registerCorsConfiguration("/**", config);
    return new CorsFilter(source);
}
 
Example 16
Source File: CorsConfig.java    From open-capacity-platform with Apache License 2.0 5 votes vote down vote up
/**
 * 跨域支持
 *
 * @return
 */
@Bean
public CorsFilter corsFilter() {
    final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    final CorsConfiguration config = new CorsConfiguration();
    config.setAllowCredentials(true); // 允许cookies跨域
    config.addAllowedOrigin("*");// #允许向该服务器提交请求的URI,*表示全部允许
    config.addAllowedHeader("*");// #允许访问的头信息,*表示全部
    config.setMaxAge(18000L);// 预检请求的缓存时间(秒),即在这个时间段里,对于相同的跨域请求不会再预检了
    config.addAllowedMethod("*");// 允许提交请求的方法,*表示全部允许
    source.registerCorsConfiguration("/**", config);
    return new CorsFilter(source);
}
 
Example 17
Source File: CorsConfig.java    From open-capacity-platform with Apache License 2.0 5 votes vote down vote up
/**
 * 跨域支持
 *
 * @return
 */
@Bean
public CorsFilter corsFilter() {
    final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    final CorsConfiguration config = new CorsConfiguration();
    config.setAllowCredentials(true); // 允许cookies跨域
    config.addAllowedOrigin("*");// #允许向该服务器提交请求的URI,*表示全部允许
    config.addAllowedHeader("*");// #允许访问的头信息,*表示全部
    config.setMaxAge(18000L);// 预检请求的缓存时间(秒),即在这个时间段里,对于相同的跨域请求不会再预检了
    config.addAllowedMethod("*");// 允许提交请求的方法,*表示全部允许
    source.registerCorsConfiguration("/**", config);
    return new CorsFilter(source);
}
 
Example 18
Source File: CorsConfig.java    From open-capacity-platform with Apache License 2.0 5 votes vote down vote up
/**
 * 跨域支持
 *
 * @return
 */
@Bean
public CorsFilter corsFilter() {
    final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    final CorsConfiguration config = new CorsConfiguration();
    config.setAllowCredentials(true); // 允许cookies跨域
    config.addAllowedOrigin("*");// #允许向该服务器提交请求的URI,*表示全部允许
    config.addAllowedHeader("*");// #允许访问的头信息,*表示全部
    config.setMaxAge(18000L);// 预检请求的缓存时间(秒),即在这个时间段里,对于相同的跨域请求不会再预检了
    config.addAllowedMethod("*");// 允许提交请求的方法,*表示全部允许
    source.registerCorsConfiguration("/**", config);
    return new CorsFilter(source);
}
 
Example 19
Source File: AbstractSockJsService.java    From spring-analysis-note with MIT License 5 votes vote down vote up
@Override
@Nullable
public CorsConfiguration getCorsConfiguration(HttpServletRequest request) {
	if (!this.suppressCors && (request.getHeader(HttpHeaders.ORIGIN) != null)) {
		CorsConfiguration config = new CorsConfiguration();
		config.setAllowedOrigins(new ArrayList<>(this.allowedOrigins));
		config.addAllowedMethod("*");
		config.setAllowCredentials(true);
		config.setMaxAge(ONE_YEAR);
		config.addAllowedHeader("*");
		return config;
	}
	return null;
}
 
Example 20
Source File: CustomCorsFilter.java    From springboot-security-jwt with MIT License 5 votes vote down vote up
private static UrlBasedCorsConfigurationSource configurationSource() {
    CorsConfiguration config = new CorsConfiguration();
    config.setAllowCredentials(true);
    config.addAllowedOrigin("*");
    config.addAllowedHeader("*");
    config.setMaxAge(36000L);
    config.setAllowedMethods(Arrays.asList("GET", "HEAD", "POST", "PUT", "DELETE", "OPTIONS"));
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    source.registerCorsConfiguration("/api/**", config);
    return source;
}