Java Code Examples for org.springframework.http.HttpHeaders#addAll()

The following examples show how to use org.springframework.http.HttpHeaders#addAll() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: GatewayApplication.java    From MyShopPlus with Apache License 2.0 6 votes vote down vote up
@Bean
public WebFilter corsFilter() {
    return (ServerWebExchange ctx, WebFilterChain chain) -> {
        ServerHttpRequest request = ctx.getRequest();
        if (!CorsUtils.isCorsRequest(request)) {
            return chain.filter(ctx);
        }
        HttpHeaders requestHeaders = request.getHeaders();
        ServerHttpResponse response = ctx.getResponse();
        HttpMethod requestMethod = requestHeaders.getAccessControlRequestMethod();
        HttpHeaders headers = response.getHeaders();
        headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, requestHeaders.getOrigin());
        headers.addAll(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, requestHeaders.getAccessControlRequestHeaders());
        if (requestMethod != null) {
            headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, requestMethod.name());
        }
        headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
        headers.add(HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS, ALL);
        headers.add(HttpHeaders.ACCESS_CONTROL_MAX_AGE, MAX_AGE);
        if (request.getMethod() == HttpMethod.OPTIONS) {
            response.setStatusCode(HttpStatus.OK);
            return Mono.empty();
        }
        return chain.filter(ctx);
    };
}
 
Example 2
Source File: TraceRequestHttpHeadersFilterTests.java    From spring-cloud-sleuth with Apache License 2.0 6 votes vote down vote up
@Test
public void should_set_tracing_headers_with_multiple_values() {
	HttpHeadersFilter filter = TraceRequestHttpHeadersFilter.create(this.httpTracing);
	HttpHeaders httpHeaders = new HttpHeaders();
	httpHeaders.add("X-Hello-Request", "Request World");
	httpHeaders.addAll("X-Hello", Arrays.asList("World1", "World2"));
	MockServerHttpRequest request = MockServerHttpRequest.post("foo/bar")
			.headers(httpHeaders).build();
	MockServerWebExchange exchange = MockServerWebExchange.builder(request).build();

	HttpHeaders filteredHeaders = filter.filter(httpHeaders, exchange);

	BDDAssertions.then(filteredHeaders.get("X-B3-TraceId")).isNotEmpty();
	BDDAssertions.then(filteredHeaders.get("X-B3-SpanId")).isNotEmpty();
	BDDAssertions.then(filteredHeaders.get("X-Hello"))
			.isEqualTo(Arrays.asList("World1", "World2"));
	BDDAssertions.then(filteredHeaders.get("X-Hello-Request"))
			.isEqualTo(Collections.singletonList("Request World"));
	BDDAssertions
			.then((Object) exchange
					.getAttribute(TraceRequestHttpHeadersFilter.SPAN_ATTRIBUTE))
			.isNotNull();
}
 
Example 3
Source File: TraceRequestHttpHeadersFilter.java    From spring-cloud-sleuth with Apache License 2.0 6 votes vote down vote up
@Override
public HttpHeaders filter(HttpHeaders input, ServerWebExchange exchange) {
	if (log.isDebugEnabled()) {
		log.debug("Will instrument the HTTP request headers ["
				+ exchange.getRequest().getHeaders() + "]");
	}
	HttpClientRequest request = new HttpClientRequest(exchange.getRequest(), input);
	Span currentSpan = currentSpan(request);
	Span span = injectedSpan(request, currentSpan);
	if (log.isDebugEnabled()) {
		log.debug(
				"Client span  " + span + " created for the request. New headers are "
						+ request.filteredHeaders.toSingleValueMap());
	}
	exchange.getAttributes().put(SPAN_ATTRIBUTE, span);
	HttpHeaders headersWithInput = new HttpHeaders();
	headersWithInput.addAll(input);
	addHeadersWithInput(request.filteredHeaders, headersWithInput);
	if (headersWithInput.containsKey("b3") || headersWithInput.containsKey("B3")) {
		headersWithInput.keySet().remove("b3");
		headersWithInput.keySet().remove("B3");
	}
	return headersWithInput;
}
 
Example 4
Source File: TraceRequestHttpHeadersFilter.java    From java-spring-cloud with Apache License 2.0 6 votes vote down vote up
@Override
public HttpHeaders filter(HttpHeaders input, ServerWebExchange exchange) {
  log.debug("Will instrument spring cloud gateway the HTTP request headers");
  ServerHttpRequest.Builder builder = exchange.getRequest().mutate();
  Span span = this.tracer.buildSpan(path(builder))
      .asChildOf(tracer.activeSpan())
      .withTag(Tags.COMPONENT.getKey(), COMPONENT)
      .withTag(Tags.SPAN_KIND.getKey(), Tags.SPAN_KIND_CLIENT)
      .withTag(ROUTE_ID, getRouteId(exchange))
      .start();
  log.debug("Client span {} created for the request. New headers are {}", span, builder.build().getHeaders().toSingleValueMap());
  exchange.getAttributes().put(SPAN_ATTRIBUTE, span);
  HttpHeaders headersWithInput = new HttpHeaders();
  try {
    this.tracer.inject(span.context(), Format.Builtin.HTTP_HEADERS, new HttpHeadersCarrier(headersWithInput));
  } catch (Exception ignore) {
    log.error("TraceRequestHttpHeadersFilter error", ignore);
  }
  headersWithInput.addAll(input);
  addHeadersWithInput(builder, headersWithInput);
  return headersWithInput;
}
 
Example 5
Source File: CorsConfig.java    From microservice-recruit with Apache License 2.0 6 votes vote down vote up
@Bean
public WebFilter corsFilter() {
    return (ServerWebExchange ctx, WebFilterChain chain) -> {
        ServerHttpRequest request = ctx.getRequest();
        if (CorsUtils.isCorsRequest(request)) {
            HttpHeaders requestHeaders = request.getHeaders();
            ServerHttpResponse response = ctx.getResponse();
            HttpMethod requestMethod = requestHeaders.getAccessControlRequestMethod();
            HttpHeaders headers = response.getHeaders();
            headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, requestHeaders.getOrigin());
            headers.addAll(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, requestHeaders
                    .getAccessControlRequestHeaders());
            if(requestMethod != null){
                headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, requestMethod.name());
            }
            headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
            headers.add(HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS, "*");
            headers.add(HttpHeaders.ACCESS_CONTROL_MAX_AGE, MAX_AGE);
            if (request.getMethod() == HttpMethod.OPTIONS) {
                response.setStatusCode(HttpStatus.OK);
                return Mono.empty();
            }
        }
        return chain.filter(ctx);
    };
}
 
Example 6
Source File: ResourceServerConfiguration.java    From open-cloud with MIT License 6 votes vote down vote up
/**
 * 跨域配置
 *
 * @return
 */
public WebFilter corsFilter() {
    return (ServerWebExchange ctx, WebFilterChain chain) -> {
        ServerHttpRequest request = ctx.getRequest();
        if (CorsUtils.isCorsRequest(request)) {
            HttpHeaders requestHeaders = request.getHeaders();
            ServerHttpResponse response = ctx.getResponse();
            HttpMethod requestMethod = requestHeaders.getAccessControlRequestMethod();
            HttpHeaders headers = response.getHeaders();
            headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, requestHeaders.getOrigin());
            headers.addAll(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, requestHeaders.getAccessControlRequestHeaders());
            if (requestMethod != null) {
                headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, requestMethod.name());
            }
            headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
            headers.add(HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS, "*");
            headers.add(HttpHeaders.ACCESS_CONTROL_MAX_AGE, MAX_AGE);
            if (request.getMethod() == HttpMethod.OPTIONS) {
                response.setStatusCode(HttpStatus.OK);
                return Mono.empty();
            }
        }
        return chain.filter(ctx);
    };
}
 
Example 7
Source File: CorsConfig.java    From simple-microservice with Apache License 2.0 6 votes vote down vote up
@Bean
public WebFilter corsFilter() {
  return (ServerWebExchange ctx, WebFilterChain chain) -> {
    ServerHttpRequest request = ctx.getRequest();
    if (CorsUtils.isCorsRequest(request)) {
      HttpHeaders requestHeaders = request.getHeaders();
      ServerHttpResponse response = ctx.getResponse();
      HttpMethod requestMethod = requestHeaders.getAccessControlRequestMethod();
      HttpHeaders headers = response.getHeaders();
      headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, requestHeaders.getOrigin());
      headers.addAll(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, requestHeaders.getAccessControlRequestHeaders());
      if (requestMethod != null) {
        headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, requestMethod.name());
      }
      headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
      headers.add(HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS, "*");
      headers.add(HttpHeaders.ACCESS_CONTROL_MAX_AGE, MAX_AGE);
      if (request.getMethod() == HttpMethod.OPTIONS) {
        response.setStatusCode(HttpStatus.OK);
        return Mono.empty();
      }

    }
    return chain.filter(ctx);
  };
}
 
Example 8
Source File: CorsConfig.java    From spring-microservice-exam with MIT License 6 votes vote down vote up
@Bean
public WebFilter corsFilter() {
    return (ServerWebExchange ctx, WebFilterChain chain) -> {
        ServerHttpRequest request = ctx.getRequest();
        if (!CorsUtils.isCorsRequest(request))
            return chain.filter(ctx);
        HttpHeaders requestHeaders = request.getHeaders();
        ServerHttpResponse response = ctx.getResponse();
        HttpMethod requestMethod = requestHeaders.getAccessControlRequestMethod();
        HttpHeaders headers = response.getHeaders();
        headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, requestHeaders.getOrigin());
        headers.addAll(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, requestHeaders.getAccessControlRequestHeaders());
        if (requestMethod != null)
            headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, requestMethod.name());
        headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
        headers.add(HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS, ALL);
        headers.add(HttpHeaders.ACCESS_CONTROL_MAX_AGE, MAX_AGE);
        if (request.getMethod() == HttpMethod.OPTIONS) {
            response.setStatusCode(HttpStatus.OK);
            return Mono.empty();
        }
        return chain.filter(ctx);
    };
}
 
Example 9
Source File: CorsConfig.java    From open-capacity-platform with Apache License 2.0 6 votes vote down vote up
@Bean
public WebFilter corsFilter() {
	return (ServerWebExchange ctx, WebFilterChain chain) -> {
		ServerHttpRequest request = ctx.getRequest();
		if (!CorsUtils.isCorsRequest(request)) {
			return chain.filter(ctx);
		}
		HttpHeaders requestHeaders = request.getHeaders();
		ServerHttpResponse response = ctx.getResponse();
		HttpMethod requestMethod = requestHeaders.getAccessControlRequestMethod();
		HttpHeaders headers = response.getHeaders();
		headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, requestHeaders.getOrigin());
		headers.addAll(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, requestHeaders.getAccessControlRequestHeaders());
		if (requestMethod != null) {
			headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, requestMethod.name());
		}
		headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
		headers.add(HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS, ALL);
		headers.add(HttpHeaders.ACCESS_CONTROL_MAX_AGE, MAX_AGE);
		if (request.getMethod() == HttpMethod.OPTIONS) {
			response.setStatusCode(HttpStatus.OK);
			return Mono.empty();
		}
		return chain.filter(ctx);
	};
}
 
Example 10
Source File: CorsConfig.java    From microservice-recruit with Apache License 2.0 6 votes vote down vote up
@Bean
public WebFilter corsFilter() {
    return (ServerWebExchange ctx, WebFilterChain chain) -> {
        ServerHttpRequest request = ctx.getRequest();
        if (CorsUtils.isCorsRequest(request)) {
            HttpHeaders requestHeaders = request.getHeaders();
            ServerHttpResponse response = ctx.getResponse();
            HttpMethod requestMethod = requestHeaders.getAccessControlRequestMethod();
            HttpHeaders headers = response.getHeaders();
            headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, requestHeaders.getOrigin());
            headers.addAll(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, requestHeaders
                    .getAccessControlRequestHeaders());
            if(requestMethod != null){
                headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, requestMethod.name());
            }
            headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
            headers.add(HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS, "*");
            headers.add(HttpHeaders.ACCESS_CONTROL_MAX_AGE, MAX_AGE);
            if (request.getMethod() == HttpMethod.OPTIONS) {
                response.setStatusCode(HttpStatus.OK);
                return Mono.empty();
            }
        }
        return chain.filter(ctx);
    };
}
 
Example 11
Source File: HandshakeWebSocketService.java    From java-technology-stack with MIT License 5 votes vote down vote up
private HandshakeInfo createHandshakeInfo(ServerWebExchange exchange, ServerHttpRequest request,
		@Nullable String protocol, Map<String, Object> attributes) {

	URI uri = request.getURI();
	// Copy request headers, as they might be pooled and recycled by
	// the server implementation once the handshake HTTP exchange is done.
	HttpHeaders headers = new HttpHeaders();
	headers.addAll(request.getHeaders());
	Mono<Principal> principal = exchange.getPrincipal();
	String logPrefix = exchange.getLogPrefix();
	InetSocketAddress remoteAddress = request.getRemoteAddress();
	return new HandshakeInfo(uri, headers, principal, protocol, remoteAddress, attributes, logPrefix);
}
 
Example 12
Source File: CorsConfig.java    From black-shop with Apache License 2.0 5 votes vote down vote up
@Bean
public WebFilter corsFilter() {
	return (ServerWebExchange ctx, WebFilterChain chain) -> {
		ServerHttpRequest request = ctx.getRequest();
		if (CorsUtils.isCorsRequest(request)) {
			HttpHeaders requestHeaders = request.getHeaders();
			ServerHttpResponse response = ctx.getResponse();
			HttpMethod requestMethod = requestHeaders.getAccessControlRequestMethod();
			HttpHeaders headers = response.getHeaders();
			headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, requestHeaders.getOrigin());
			headers.addAll(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS,
					requestHeaders.getAccessControlRequestHeaders());
			if (requestMethod != null) {
				headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, requestMethod.name());
			}
			headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
			headers.add(HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS, "*");
			headers.add(HttpHeaders.ACCESS_CONTROL_MAX_AGE, MAX_AGE);
			if (request.getMethod() == HttpMethod.OPTIONS) {
				response.setStatusCode(HttpStatus.OK);
				return Mono.empty();
			}

		}
		return chain.filter(ctx);
	};
}
 
Example 13
Source File: ProductCompositeServiceImpl.java    From Hands-On-Microservices-with-Spring-Boot-and-Spring-Cloud with MIT License 5 votes vote down vote up
private HttpHeaders getHeaders(HttpHeaders requesthHeaders, String... headers) {
    LOG.trace("Will look for {} headers: {}", headers.length, headers);
    HttpHeaders h = new HttpHeaders();
    for (String header : headers) {
        List<String> value = requesthHeaders.get(header);
        if (value != null) {
            h.addAll(header, value);
        }
    }
    LOG.trace("Will transfer {}, headers: {}", h.size(), h);
    return h;
}
 
Example 14
Source File: ProductCompositeServiceImpl.java    From Hands-On-Microservices-with-Spring-Boot-and-Spring-Cloud with MIT License 5 votes vote down vote up
private HttpHeaders getHeaders(HttpHeaders requesthHeaders, String... headers) {
    LOG.trace("Will look for {} headers: {}", headers.length, headers);
    HttpHeaders h = new HttpHeaders();
    for (String header : headers) {
        List<String> value = requesthHeaders.get(header);
        if (value != null) {
            h.addAll(header, value);
        }
    }
    LOG.trace("Will transfer {}, headers: {}", h.size(), h);
    return h;
}
 
Example 15
Source File: ProductCompositeServiceImpl.java    From Hands-On-Microservices-with-Spring-Boot-and-Spring-Cloud with MIT License 5 votes vote down vote up
private HttpHeaders getHeaders(HttpHeaders requesthHeaders, String... headers) {
    LOG.trace("Will look for {} headers: {}", headers.length, headers);
    HttpHeaders h = new HttpHeaders();
    for (String header : headers) {
        List<String> value = requesthHeaders.get(header);
        if (value != null) {
            h.addAll(header, value);
        }
    }
    LOG.trace("Will transfer {}, headers: {}", h.size(), h);
    return h;
}
 
Example 16
Source File: CorsConfiguration.java    From zuihou-admin-cloud with Apache License 2.0 5 votes vote down vote up
/**
 * attention:简单跨域就是GET,HEAD和POST请求,但是POST请求的"Content-Type"只能是application/x-www-form-urlencoded, multipart/form-data 或 text/plain
 * 反之,就是非简单跨域,此跨域有一个预检机制,说直白点,就是会发两次请求,一次OPTIONS请求,一次真正的请求
 */
@Bean
public WebFilter corsFilter() {
    return (ctx, chain) -> {
        ServerHttpRequest request = ctx.getRequest();
        if (!CorsUtils.isCorsRequest(request)) {
            return chain.filter(ctx);
        }
        HttpHeaders requestHeaders = request.getHeaders();
        ServerHttpResponse response = ctx.getResponse();
        HttpMethod requestMethod = requestHeaders.getAccessControlRequestMethod();
        HttpHeaders headers = response.getHeaders();
        headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, requestHeaders.getOrigin());
        headers.addAll(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, requestHeaders.getAccessControlRequestHeaders());
        if (requestMethod != null) {
            headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, requestMethod.name());
        }
        headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
        headers.add(HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS, ALL);
        headers.add(HttpHeaders.ACCESS_CONTROL_MAX_AGE, MAX_AGE);
        if (request.getMethod() == HttpMethod.OPTIONS) {
            response.setStatusCode(HttpStatus.OK);
            return Mono.empty();
        }
        return chain.filter(ctx);
    };
}
 
Example 17
Source File: ProxyExchangeArgumentResolver.java    From spring-cloud-gateway with Apache License 2.0 5 votes vote down vote up
private HttpHeaders extractAutoForwardedHeaders(NativeWebRequest webRequest) {
	HttpServletRequest nativeRequest = webRequest
			.getNativeRequest(HttpServletRequest.class);
	Enumeration<String> headerNames = nativeRequest.getHeaderNames();
	HttpHeaders headers = new HttpHeaders();
	while (headerNames.hasMoreElements()) {
		String header = headerNames.nextElement();
		if (this.autoForwardedHeaders.contains(header)) {
			headers.addAll(header,
					Collections.list(nativeRequest.getHeaders(header)));
		}
	}
	return headers;
}
 
Example 18
Source File: HandshakeWebSocketService.java    From spring-analysis-note with MIT License 5 votes vote down vote up
private HandshakeInfo createHandshakeInfo(ServerWebExchange exchange, ServerHttpRequest request,
		@Nullable String protocol, Map<String, Object> attributes) {

	URI uri = request.getURI();
	// Copy request headers, as they might be pooled and recycled by
	// the server implementation once the handshake HTTP exchange is done.
	HttpHeaders headers = new HttpHeaders();
	headers.addAll(request.getHeaders());
	Mono<Principal> principal = exchange.getPrincipal();
	String logPrefix = exchange.getLogPrefix();
	InetSocketAddress remoteAddress = request.getRemoteAddress();
	return new HandshakeInfo(uri, headers, principal, protocol, remoteAddress, attributes, logPrefix);
}
 
Example 19
Source File: DefaultCorsProcessor.java    From java-technology-stack with MIT License 4 votes vote down vote up
/**
 * Handle the given request.
 */
protected boolean handleInternal(ServerHttpRequest request, ServerHttpResponse response,
		CorsConfiguration config, boolean preFlightRequest) throws IOException {

	String requestOrigin = request.getHeaders().getOrigin();
	String allowOrigin = checkOrigin(config, requestOrigin);
	HttpHeaders responseHeaders = response.getHeaders();

	responseHeaders.addAll(HttpHeaders.VARY, Arrays.asList(HttpHeaders.ORIGIN,
			HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD, HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS));

	if (allowOrigin == null) {
		logger.debug("Reject: '" + requestOrigin + "' origin is not allowed");
		rejectRequest(response);
		return false;
	}

	HttpMethod requestMethod = getMethodToUse(request, preFlightRequest);
	List<HttpMethod> allowMethods = checkMethods(config, requestMethod);
	if (allowMethods == null) {
		logger.debug("Reject: HTTP '" + requestMethod + "' is not allowed");
		rejectRequest(response);
		return false;
	}

	List<String> requestHeaders = getHeadersToUse(request, preFlightRequest);
	List<String> allowHeaders = checkHeaders(config, requestHeaders);
	if (preFlightRequest && allowHeaders == null) {
		logger.debug("Reject: headers '" + requestHeaders + "' are not allowed");
		rejectRequest(response);
		return false;
	}

	responseHeaders.setAccessControlAllowOrigin(allowOrigin);

	if (preFlightRequest) {
		responseHeaders.setAccessControlAllowMethods(allowMethods);
	}

	if (preFlightRequest && !allowHeaders.isEmpty()) {
		responseHeaders.setAccessControlAllowHeaders(allowHeaders);
	}

	if (!CollectionUtils.isEmpty(config.getExposedHeaders())) {
		responseHeaders.setAccessControlExposeHeaders(config.getExposedHeaders());
	}

	if (Boolean.TRUE.equals(config.getAllowCredentials())) {
		responseHeaders.setAccessControlAllowCredentials(true);
	}

	if (preFlightRequest && config.getMaxAge() != null) {
		responseHeaders.setAccessControlMaxAge(config.getMaxAge());
	}

	response.flush();
	return true;
}