Java Code Examples for org.springframework.web.cors.CorsConfiguration#setExposedHeaders()

The following examples show how to use org.springframework.web.cors.CorsConfiguration#setExposedHeaders() . These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
/**
 * CORS跨域设置
 *
 * @return
 */
@Bean
public FilterRegistrationBean corsFilter(SpringBootPlusCorsProperties corsProperties) {
    log.debug("corsProperties:{}", corsProperties);
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    CorsConfiguration corsConfiguration = new CorsConfiguration();
    // 跨域配置
    corsConfiguration.setAllowedOrigins(corsProperties.getAllowedOrigins());
    corsConfiguration.setAllowedHeaders(corsProperties.getAllowedHeaders());
    corsConfiguration.setAllowedMethods(corsProperties.getAllowedMethods());
    corsConfiguration.setAllowCredentials(corsProperties.isAllowCredentials());
    corsConfiguration.setExposedHeaders(corsProperties.getExposedHeaders());
    corsConfiguration.setMaxAge(corsConfiguration.getMaxAge());

    source.registerCorsConfiguration(corsProperties.getPath(), corsConfiguration);
    FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
    bean.setOrder(Ordered.HIGHEST_PRECEDENCE);
    bean.setEnabled(corsProperties.isEnable());
    return bean;
}
 
Example 2
Source Project: yue-library   File: WebAutoConfig.java    License: Apache License 2.0 6 votes vote down vote up
@Bean
@ConditionalOnMissingBean
@ConditionalOnProperty(prefix = "yue.cors", name = "allow", havingValue = "true", matchIfMissing = true)
public CorsFilter corsFilter(CorsProperties corsProperties) {
	final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
	final CorsConfiguration config = new CorsConfiguration();
	
	config.setAllowCredentials(true);
	config.setAllowedHeaders(Arrays.asList("*"));
	config.setAllowedMethods(Arrays.asList("*"));
	config.setAllowedOrigins(Arrays.asList("*"));
	config.setMaxAge(3600L);
	
	// 设置response允许暴露的Headers
	List<String> exposedHeaders = corsProperties.getExposedHeaders();
	if (exposedHeaders != null) {
		config.setExposedHeaders(exposedHeaders);
	} else {
		config.addExposedHeader("token");
	}
	
	source.registerCorsConfiguration("/**", config);
	
	log.info("【初始化配置-跨域】默认配置为true,当前环境为true:默认任何情况下都允许跨域访问 ... 已初始化完毕。");
	return new CorsFilter(source);
}
 
Example 3
/**
 * 解决跨域问题
 *
 * @return 跨域声明
 */
@Bean
public FilterRegistrationBean corsFilter() {
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    CorsConfiguration config = new CorsConfiguration();
    config.setAllowCredentials(true);
    config.setAllowedOrigins(allowedOrigins);
    config.addAllowedHeader("*");
    config.setMaxAge(18000L);
    config.addAllowedMethod("*");
    //添加response暴露的header
    String[] responseHeader =
            {"date", "content-encoding", "server", "etag", "vary", "Cache-Control", "Last-Modified",
                    "content-type", "transfer-encoding", "connection", "x-application-context"};
    config.setExposedHeaders(Arrays.asList(responseHeader));
    source.registerCorsConfiguration("/**", config);

    FilterRegistrationBean bean = new FilterRegistrationBean<>(new CorsFilter(source));
    bean.setOrder(0);
    return bean;
}
 
Example 4
public CorsConfiguration getCorsConfiguration() {
  CorsConfiguration corsConfiguration = new CorsConfiguration();
  corsConfiguration.setAllowedOrigins(cors.getAllowedOrigins());
  corsConfiguration.setAllowedMethods(cors.getAllowedMethods());
  corsConfiguration.setAllowedHeaders(cors.getAllowedHeaders());
  corsConfiguration.setExposedHeaders(cors.getExposedHeaders());
  corsConfiguration.setAllowCredentials(cors.getAllowCredentials());
  corsConfiguration.setMaxAge(cors.getMaxAge());

  return corsConfiguration;
}
 
Example 5
private CorsConfiguration buildConfiguration(CorsProperties.CorsConfiguration config) {
    CorsConfiguration corsConfiguration = new CorsConfiguration();
    corsConfiguration.setAllowedHeaders(config.getAllowedHeaders());
    corsConfiguration.setAllowedMethods(config.getAllowedMethods());
    corsConfiguration.setAllowedOrigins(config.getAllowedOrigins());
    corsConfiguration.setAllowCredentials(config.getAllowCredentials());
    corsConfiguration.setExposedHeaders(config.getExposedHeaders());
    corsConfiguration.setMaxAge(config.getMaxAge());

    return corsConfiguration;
}
 
Example 6
@Bean
public CorsConfigurationSource corsConfigurationSource() {
    final CorsConfiguration config = new CorsConfiguration();
    config.setAllowCredentials(true);
    config.setAllowedOrigins(getPropertiesAsList("http.cors.allow-origin", "*"));
    config.setAllowedHeaders(getPropertiesAsList("http.cors.allow-headers", "Cache-Control, Pragma, Origin, Authorization, Content-Type, X-Requested-With, If-Match, " + DEFAULT_CSRF_HEADER_NAME));
    config.setAllowedMethods(getPropertiesAsList("http.cors.allow-methods", "OPTIONS, GET, POST, PUT, PATCH, DELETE"));
    config.setExposedHeaders(getPropertiesAsList("http.cors.exposed-headers", "ETag, " + DEFAULT_CSRF_HEADER_NAME));
    config.setMaxAge(environment.getProperty("http.cors.max-age", Long.class, 1728000L));

    final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    source.registerCorsConfiguration("/**", config);

    return source;
}
 
Example 7
@Bean
public CorsConfigurationSource corsConfigurationSource() {
    final CorsConfiguration config = new CorsConfiguration();
    config.setAllowCredentials(true);
    config.setAllowedOrigins(getPropertiesAsList("http.cors.allow-origin", "*"));
    config.setAllowedHeaders(getPropertiesAsList("http.cors.allow-headers", "Cache-Control, Pragma, Origin, Authorization, Content-Type, X-Requested-With, If-Match, " + DEFAULT_CSRF_HEADER_NAME + ", " + DEFAULT_RECAPTCHA_HEADER_NAME));
    config.setAllowedMethods(getPropertiesAsList("http.cors.allow-methods", "OPTIONS, GET, POST, PUT, DELETE, PATCH"));
    config.setExposedHeaders(getPropertiesAsList("http.cors.exposed-headers", "ETag, " + DEFAULT_CSRF_HEADER_NAME));
    config.setMaxAge(environment.getProperty("http.cors.max-age", Long.class, 1728000L));

    final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    source.registerCorsConfiguration("/**", config);
    return source;
}
 
Example 8
@Bean
public CorsConfigurationSource corsConfigurationSource() {
    final CorsConfiguration config = new CorsConfiguration();
    config.setAllowCredentials(true);
    config.setAllowedOrigins(getPropertiesAsList("http.cors.allow-origin", "*"));
    config.setAllowedHeaders(getPropertiesAsList("http.cors.allow-headers", "Cache-Control, Pragma, Origin, Authorization, Content-Type, X-Requested-With, " + DEFAULT_CSRF_HEADER_NAME + ", " + DEFAULT_RECAPTCHA_HEADER_NAME));
    config.setAllowedMethods(getPropertiesAsList("http.cors.allow-methods", "OPTIONS, GET, POST, PUT, DELETE, PATCH"));
    config.setExposedHeaders(getPropertiesAsList("http.cors.exposed-headers", DEFAULT_CSRF_HEADER_NAME));
    config.setMaxAge(environment.getProperty("http.cors.max-age", Long.class, 1728000L));

    final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    source.registerCorsConfiguration("/**", config);
    return source;
}
 
Example 9
/**
 * Defines a ConfigurationSource for CORS attributes.
 * 
 * @return A CorsConfigurationSource.
 */
@Bean
public CorsConfigurationSource corsConfigurationSource() {
    final CorsConfiguration configuration = new CorsConfiguration();
    configuration.setAllowedOrigins(corsProperties.getAllowedOrigins());
    configuration.setAllowedMethods(corsProperties.getAllowedMethods());
    configuration.setAllowedHeaders(corsProperties.getAllowedHeaders());
    configuration.setAllowCredentials(corsProperties.getAllowCredentials());
    configuration.setExposedHeaders(corsProperties.getExposedHeaders());
    configuration.setMaxAge(corsProperties.getMaxAgeSeconds());

    final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    source.registerCorsConfiguration(corsProperties.getFilterRegistrationPath(), configuration);
    return source;
}