Java Code Examples for org.springframework.web.cors.CorsConfiguration#addExposedHeader()

The following examples show how to use org.springframework.web.cors.CorsConfiguration#addExposedHeader() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: PropertyBasedCorsFilter.java    From flowable-engine with Apache License 2.0 7 votes vote down vote up 
protected CorsFilter corsFilter(RestAppProperties.Cors cors) {
    CorsConfiguration config = new CorsConfiguration();
    if (cors.isAllowCredentials()) {
        config.setAllowCredentials(true);
    }

    for (String origin : cors.getAllowedOrigins()) {
        config.addAllowedOrigin(origin);
    }
    for (String header : cors.getAllowedHeaders()) {
        config.addAllowedHeader(header);
    }
    for (String exposedHeader : cors.getExposedHeaders()) {
        config.addExposedHeader(exposedHeader);
    }
    for (String method : cors.getAllowedMethods()) {
        config.addAllowedMethod(method);
    }

    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    source.registerCorsConfiguration("/**", config);
    return new CorsFilter(source);
}
Example 2
Source File: CorsConfig.java    From microservices-platform with Apache License 2.0 6 votes vote down vote up 
@Order(Ordered.HIGHEST_PRECEDENCE)
@Bean
public CorsWebFilter corsFilter() {
    CorsConfiguration config = new CorsConfiguration();
    // cookie跨域
    config.setAllowCredentials(Boolean.TRUE);
    config.addAllowedMethod(ALL);
    config.addAllowedOrigin(ALL);
    config.addAllowedHeader(ALL);
    // 配置前端js允许访问的自定义响应头
    config.addExposedHeader("setToken");

    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(new PathPatternParser());
    source.registerCorsConfiguration("/**", config);

    return new CorsWebFilter(source);
}
Example 3
Source File: WebAutoConfig.java    From yue-library with Apache License 2.0 6 votes vote down vote up 
@Bean
@ConditionalOnMissingBean
@ConditionalOnProperty(prefix = "yue.cors", name = "allow", havingValue = "true", matchIfMissing = true)
public CorsFilter corsFilter(CorsProperties corsProperties) {
	final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
	final CorsConfiguration config = new CorsConfiguration();
	
	config.setAllowCredentials(true);
	config.setAllowedHeaders(Arrays.asList("*"));
	config.setAllowedMethods(Arrays.asList("*"));
	config.setAllowedOrigins(Arrays.asList("*"));
	config.setMaxAge(3600L);
	
	// 设置response允许暴露的Headers
	List<String> exposedHeaders = corsProperties.getExposedHeaders();
	if (exposedHeaders != null) {
		config.setExposedHeaders(exposedHeaders);
	} else {
		config.addExposedHeader("token");
	}
	
	source.registerCorsConfiguration("/**", config);
	
	log.info("【初始化配置-跨域】默认配置为true,当前环境为true:默认任何情况下都允许跨域访问 ... 已初始化完毕。");
	return new CorsFilter(source);
}
Example 4
Source File: GatewayConfiguration.java    From open-cloud with MIT License 6 votes vote down vote up 
/**
 * 跨域配置
 *
 * @return
 */
@Bean
public FilterRegistrationBean corsFilter() {
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    CorsConfiguration config = new CorsConfiguration();
    config.setAllowCredentials(true);
    config.setAllowedHeaders(Lists.newArrayList(ALLOWED_HEADERS.split(",")));
    config.setAllowedOrigins(Lists.newArrayList(ALLOWED_ORIGIN.split(",")));
    config.setAllowedMethods(Lists.newArrayList(ALLOWED_METHODS.split(",")));
    config.setMaxAge(MAX_AGE);
    config.addExposedHeader(ALLOWED_EXPOSE);

    source.registerCorsConfiguration("/**", config);
    FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
    //最大优先级,设置0不好使
    bean.setOrder(Ordered.HIGHEST_PRECEDENCE);
    log.info("CorsFilter [{}]", bean);
    return bean;
}
Example 5
Source File: CrossDomainConfiguration.java    From momo-cloud-permission with Apache License 2.0 6 votes vote down vote up 
@Bean
public CorsWebFilter corsFilter() {
    CorsConfiguration config = new CorsConfiguration();
    // cookie跨域
    config.setAllowCredentials(Boolean.TRUE);
    config.addAllowedMethod(CorsConfiguration.ALL);
    config.addAllowedOrigin(CorsConfiguration.ALL);
    config.addAllowedHeader(CorsConfiguration.ALL);
    // 配置前端js允许访问的自定义响应头
    config.addExposedHeader("x-token");

    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(new PathPatternParser());
    source.registerCorsConfiguration("/**", config);

    return new CorsWebFilter(source);
}
Example 6
Source File: CrustConfigurerAdapter.java    From Milkomeda with MIT License 5 votes vote down vote up 
@Bean
protected CorsConfigurationSource corsConfigurationSource() {
    CorsConfiguration configuration = new CorsConfiguration();
    configuration.setAllowedOrigins(Collections.singletonList("*"));
    configuration.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "DELETE", "HEAD", "OPTION"));
    configuration.setAllowedHeaders(Collections.singletonList("*"));
    configuration.addExposedHeader(props.getRefreshTokenName());
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    source.registerCorsConfiguration("/**", configuration);
    return source;
}
Example 7
Source File: ApplicationConfig.java    From ZTuoExchange_framework with MIT License 5 votes vote down vote up 
@Bean
public FilterRegistrationBean corsFilterForBusi() {
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    CorsConfiguration config = new CorsConfiguration();
    config.addAllowedOrigin("*");
    config.setAllowCredentials(true);
    config.addAllowedHeader("*");
    config.addAllowedMethod("*");
    config.addExposedHeader("x-auth-token");
    source.registerCorsConfiguration("/**", config);
    FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
    bean.setOrder(0);
    return bean;
}
Example 8
Source File: ApplicationConfig.java    From ZTuoExchange_framework with MIT License 5 votes vote down vote up 
@Bean
public FilterRegistrationBean corsFilterForBusi() {
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    CorsConfiguration config = new CorsConfiguration();
    config.addAllowedOrigin("*");
    config.setAllowCredentials(true);
    config.addAllowedHeader("*");
    config.addAllowedMethod("*");
    config.addExposedHeader("x-auth-token");
    source.registerCorsConfiguration("/**", config);
    FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
    bean.setOrder(0);
    return bean;
}
Example 9
Source File: JpaRestfulServerR4.java    From careconnect-reference-implementation with Apache License 2.0 4 votes vote down vote up 
@SuppressWarnings("unchecked")
@Override
protected void initialize() throws ServletException {
    super.initialize();
    TimeZone.setDefault(TimeZone.getTimeZone("UTC"));

    // Get the spring context from the web container (it's declared in web.xml)
    FhirVersionEnum fhirVersion = FhirVersionEnum.R4;
    setFhirContext(new FhirContext(fhirVersion));
    String serverBase = HapiProperties.getServerAddress();
    if (serverBase != null && !serverBase.isEmpty()) {
        setServerAddressStrategy(new HardcodedServerAddressStrategy(serverBase));
    }

    if (applicationContext == null ) log.info("Context is null");

    AutowireCapableBeanFactory autowireCapableBeanFactory = applicationContext.getAutowireCapableBeanFactory();
    autowireCapableBeanFactory.autowireBean(this);

    List<IResourceProvider> permissionlist = new ArrayList<>();
    Class<?> classType = null;
    try {
        classType = Class.forName("uk.nhs.careconnect.ccri.fhirserver.r4.provider.ObservationDefinitionProvider");
        log.info("class methods " + classType.getMethods()[4].getName() );
    } catch (ClassNotFoundException  e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
    } catch (Exception ex) {
        log.error(ex.getMessage());
    }

    permissionlist.add((IResourceProvider) applicationContext.getBean(classType));
    setResourceProviders(permissionlist);

    // Replace built in conformance provider (CapabilityStatement)
    setServerConformanceProvider(new CareConnectServerConformanceR4Provider());

    setServerName(HapiProperties.getServerName());
    setServerVersion(HapiProperties.getSoftwareVersion());
    setImplementationDescription(HapiProperties.getSoftwareImplementationDesc());


    ServerInterceptor loggingInterceptor = new ServerInterceptor(log);
    registerInterceptor(loggingInterceptor);




    CorsConfiguration config = new CorsConfiguration();
    config.addAllowedHeader("x-fhir-starter");
    config.addAllowedHeader("Origin");
    config.addAllowedHeader("Accept");
    config.addAllowedHeader("X-Requested-With");
    config.addAllowedHeader("Content-Type");

    config.addAllowedOrigin("*");

    config.addExposedHeader("Location");
    config.addExposedHeader("Content-Location");
    config.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "DELETE", "OPTIONS", "PATCH"));

    // Create the interceptor and register it
    CorsInterceptor interceptor = new CorsInterceptor(config);
    registerInterceptor(interceptor);

    ServerInterceptor gatewayInterceptor = new ServerInterceptor(log);
    if (HapiProperties.getSecurityOauth()) {
        registerInterceptor(new OAuth2Interceptor());  // Add OAuth2 Security Filter
    }
    registerInterceptor(gatewayInterceptor);

    FifoMemoryPagingProvider pp = new FifoMemoryPagingProvider(10);
    pp.setDefaultPageSize(10);
    pp.setMaximumPageSize(100);
    setPagingProvider(pp);

    setDefaultPrettyPrint(true);
    setDefaultResponseEncoding(EncodingEnum.JSON);

    ctx = getFhirContext();


    registerInterceptor( new ResponseHighlighterInterceptor());

    // Remove as believe due to issues on docker ctx.setNarrativeGenerator(new DefaultThymeleafNarrativeGenerator());
}