Java Code Examples for org.springframework.web.cors.CorsConfiguration#addAllowedHeader()

The following examples show how to use org.springframework.web.cors.CorsConfiguration#addAllowedHeader() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: CorsConfig.java    From kogito-runtimes with Apache License 2.0 7 votes vote down vote up
@Bean
public CorsFilter corsFilter() {
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();

    CorsConfiguration config = new CorsConfiguration();
    config.setAllowCredentials(true);
    config.addAllowedOrigin("*");
    config.addAllowedHeader("*");
    config.addAllowedMethod("OPTIONS");
    config.addAllowedMethod("GET");
    config.addAllowedMethod("POST");
    config.addAllowedMethod("PUT");
    config.addAllowedMethod("DELETE");
    source.registerCorsConfiguration("/**", config);

    return new CorsFilter(source);
}
 
Example 2
Source File: CrossConfig.java    From swagger-showdoc with Apache License 2.0 6 votes vote down vote up
@Bean
   public FilterRegistrationBean corsFilter() {
       UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
       CorsConfiguration config = new CorsConfiguration();
       config.setAllowCredentials(true);
       // 设置你要允许的网站域名,如果全允许则设为 *
       config.addAllowedOrigin("*");
       // 如果要限制 HEADER 或 METHOD 请自行更改
       config.addAllowedHeader("*");
       config.addAllowedMethod("*");
       source.registerCorsConfiguration("/**", config);
       FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
       // 这个顺序很重要哦,为避免麻烦请设置在最前
       bean.setOrder(0);
       return bean;
}
 
Example 3
Source File: GlobalCorsConfig.java    From mall-tiny with Apache License 2.0 6 votes vote down vote up
/**
 * 允许跨域调用的过滤器
 */
@Bean
public CorsFilter corsFilter() {
    CorsConfiguration config = new CorsConfiguration();
    //允许所有域名进行跨域调用
    config.addAllowedOrigin("*");
    //允许跨越发送cookie
    config.setAllowCredentials(true);
    //放行全部原始头信息
    config.addAllowedHeader("*");
    //允许所有请求方法跨域调用
    config.addAllowedMethod("*");
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    source.registerCorsConfiguration("/**", config);
    return new CorsFilter(source);
}
 
Example 4
Source File: CorsConfig.java    From microservices-platform with Apache License 2.0 6 votes vote down vote up
@Order(Ordered.HIGHEST_PRECEDENCE)
@Bean
public CorsWebFilter corsFilter() {
    CorsConfiguration config = new CorsConfiguration();
    // cookie跨域
    config.setAllowCredentials(Boolean.TRUE);
    config.addAllowedMethod(ALL);
    config.addAllowedOrigin(ALL);
    config.addAllowedHeader(ALL);
    // 配置前端js允许访问的自定义响应头
    config.addExposedHeader("setToken");

    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(new PathPatternParser());
    source.registerCorsConfiguration("/**", config);

    return new CorsWebFilter(source);
}
 
Example 5
Source File: GlobalCorsConfig.java    From mall-learning with Apache License 2.0 6 votes vote down vote up
/**
 * 允许跨域调用的过滤器
 */
@Bean
public CorsFilter corsFilter() {
    CorsConfiguration config = new CorsConfiguration();
    //允许所有域名进行跨域调用
    config.addAllowedOrigin("*");
    //允许跨越发送cookie
    config.setAllowCredentials(true);
    //放行全部原始头信息
    config.addAllowedHeader("*");
    //允许所有请求方法跨域调用
    config.addAllowedMethod("*");
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    source.registerCorsConfiguration("/**", config);
    return new CorsFilter(source);
}
 
Example 6
Source File: GlobalCorsConfig.java    From BigDataPlatform with GNU General Public License v3.0 6 votes vote down vote up
/**
 * 允许跨域调用的过滤器
 */
@Bean
public CorsFilter corsFilter() {
    CorsConfiguration config = new CorsConfiguration();
    //允许所有域名进行跨域调用
    config.addAllowedOrigin("*");
    //允许跨越发送cookie
    config.setAllowCredentials(true);
    //放行全部原始头信息
    config.addAllowedHeader("*");
    //允许所有请求方法跨域调用
    config.addAllowedMethod("*");
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    source.registerCorsConfiguration("/**", config);
    return new CorsFilter(source);
}
 
Example 7
Source File: ApplicationConfig.java    From ZTuoExchange_framework with MIT License 5 votes vote down vote up
@Bean
public FilterRegistrationBean corsFilterForBusi() {
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    CorsConfiguration config = new CorsConfiguration();
    config.addAllowedOrigin("*");
    config.setAllowCredentials(true);
    config.addAllowedHeader("*");
    config.addAllowedMethod("*");
    config.addExposedHeader("x-auth-token");
    source.registerCorsConfiguration("/**", config);
    FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
    bean.setOrder(0);
    return bean;
}
 
Example 8
Source File: RestConfig.java    From c4sg-services with MIT License 5 votes vote down vote up
@Bean
public CorsFilter corsFilter() {
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    CorsConfiguration config = new CorsConfiguration();
    config.setAllowCredentials(true);
    config.addAllowedOrigin("*");
    config.addAllowedHeader("*");
    config.addAllowedMethod("OPTIONS");
    config.addAllowedMethod("GET");
    config.addAllowedMethod("POST");
    config.addAllowedMethod("PUT");
    config.addAllowedMethod("DELETE");
    source.registerCorsConfiguration("/**", config);
    return new CorsFilter(source);
}
 
Example 9
Source File: WebSecurityConfig.java    From taskana with Apache License 2.0 5 votes vote down vote up
@Bean
public FilterRegistrationBean<CorsFilter> corsFilter() {
  final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
  CorsConfiguration config = new CorsConfiguration();
  config.setAllowCredentials(true);
  config.addAllowedOrigin("*");
  config.addAllowedHeader("*");
  config.addAllowedMethod("*");
  config.addAllowedMethod("POST");
  source.registerCorsConfiguration("/**", config);
  FilterRegistrationBean<CorsFilter> bean = new FilterRegistrationBean<>(new CorsFilter(source));
  bean.setOrder(0);
  return bean;
}
 
Example 10
Source File: CorsConfig.java    From open-capacity-platform with Apache License 2.0 5 votes vote down vote up
/**
 * 跨域支持
 *
 * @return
 */
@Bean
public CorsFilter corsFilter() {
    final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    final CorsConfiguration config = new CorsConfiguration();
    config.setAllowCredentials(true); // 允许cookies跨域
    config.addAllowedOrigin("*");// #允许向该服务器提交请求的URI,*表示全部允许
    config.addAllowedHeader("*");// #允许访问的头信息,*表示全部
    config.setMaxAge(18000L);// 预检请求的缓存时间(秒),即在这个时间段里,对于相同的跨域请求不会再预检了
    config.addAllowedMethod("*");// 允许提交请求的方法,*表示全部允许
    source.registerCorsConfiguration("/**", config);
    return new CorsFilter(source);
}
 
Example 11
Source File: ContextConfig.java    From ZTuoExchange_framework with MIT License 5 votes vote down vote up
@Bean
public FilterRegistrationBean corsFilter() {
     UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
     CorsConfiguration config = new CorsConfiguration();
     config.addAllowedOrigin("*");
     config.setAllowCredentials(true);
     config.addAllowedHeader("*");
     config.addAllowedMethod("*");
     source.registerCorsConfiguration("/**", config);
     FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
     bean.setOrder(0);
     return bean;
}
 
Example 12
Source File: SecurityConfig.java    From HIS with Apache License 2.0 5 votes vote down vote up
/**
 * 允许跨域调用的过滤器
 */
@Bean
public CorsFilter corsFilter() {
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    CorsConfiguration config = new CorsConfiguration();
    config.addAllowedOrigin("*");
    config.setAllowCredentials(true);
    config.addAllowedHeader("*");
    config.addAllowedMethod("*");
    source.registerCorsConfiguration("/**", config);
    FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
    bean.setOrder(0);
    return new CorsFilter(source);
}
 
Example 13
Source File: CorsConfig.java    From FlyCms with MIT License 5 votes vote down vote up
@Bean  //项目加载时,把过滤器生成,来统一管理跨源请求(不用再在每个controller上单独配置)
public CorsFilter corsFilter(){
    //配置跨域访问的过滤器
    //基于url的数据源
    UrlBasedCorsConfigurationSource source=new UrlBasedCorsConfigurationSource();
    CorsConfiguration corsConfiguration=new CorsConfiguration();
    //把允许的跨域源添加到corsConfiguration中
    this.addAllowedOrigins(corsConfiguration);
    corsConfiguration.addAllowedMethod("*");          //不对method做限制,允许所有method请求(get,post....)
    corsConfiguration.addAllowedHeader("*");          //不对head做限制
    corsConfiguration.setAllowCredentials(true);      //允许跨域访问(在响应报文里带上跨域请求的凭证,和浏览器请求里面xhrFields相匹配,前后端才能正常通信)
    source.registerCorsConfiguration("/**",corsConfiguration);   //指定对当前这个服务下的所有请求都启用corsConfiguration的配置
    return new CorsFilter(source);
}
 
Example 14
Source File: Cors.java    From signature with MIT License 5 votes vote down vote up
@Bean
public CorsFilter corsFilter() {
    final UrlBasedCorsConfigurationSource urlBasedCorsConfigurationSource = new UrlBasedCorsConfigurationSource();
    final CorsConfiguration corsConfiguration = new CorsConfiguration();
    corsConfiguration.setAllowCredentials(true);
    corsConfiguration.addAllowedOrigin("*");
    corsConfiguration.addAllowedHeader("*");
    corsConfiguration.addAllowedMethod("*");
    urlBasedCorsConfigurationSource.registerCorsConfiguration("/**", corsConfiguration);
    return new CorsFilter(urlBasedCorsConfigurationSource);
}
 
Example 15
Source File: CorsConfig.java    From open-capacity-platform with Apache License 2.0 5 votes vote down vote up
@Bean
public CorsFilter corsFilter() {
    final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    final CorsConfiguration config = new CorsConfiguration();
    config.setAllowCredentials(true); // 允许cookies跨域
    config.addAllowedOrigin("*");// #允许向该服务器提交请求的URI,*表示全部允许
    config.addAllowedHeader("*");// #允许访问的头信息,*表示全部
    config.setMaxAge(18000L);// 预检请求的缓存时间(秒),即在这个时间段里,对于相同的跨域请求不会再预检了
    config.addAllowedMethod("*");// 允许提交请求的方法,*表示全部允许
    source.registerCorsConfiguration("/**", config);
    return new CorsFilter(source);
}
 
Example 16
Source File: PortalController.java    From api-mock-util with Apache License 2.0 5 votes vote down vote up
/**
 * 生成跨域配置
 * @return
 */
private CorsConfiguration buildConfig() {
    CorsConfiguration corsConfiguration = new CorsConfiguration();
    corsConfiguration.addAllowedOrigin("*");
    corsConfiguration.addAllowedHeader("*");
    corsConfiguration.addAllowedMethod("*");

    return corsConfiguration;
}
 
Example 17
Source File: ConfigurerAdapter.java    From yshopmall with Apache License 2.0 5 votes vote down vote up
@Bean
public CorsFilter corsFilter() {
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    CorsConfiguration config = new CorsConfiguration();
    config.setAllowCredentials(true);
    config.addAllowedOrigin("*");
    config.addAllowedHeader("*");
    config.addAllowedMethod("*");
    source.registerCorsConfiguration("/**", config);
    return new CorsFilter(source);
}
 
Example 18
Source File: CCRIFHIRServer.java    From careconnect-reference-implementation with Apache License 2.0 5 votes vote down vote up
@Bean
public FilterRegistrationBean corsFilter() {

    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    CorsConfiguration config = new CorsConfiguration();
    config.setAllowCredentials(true);
    config.addAllowedOrigin("*");
    config.addAllowedHeader("*");
    config.addAllowedMethod("*");
    source.registerCorsConfiguration("/**", config);
    FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter());
    bean.setOrder(0);
    return bean;
}
 
Example 19
Source File: CorsConfig.java    From flash-waimai with MIT License 5 votes vote down vote up
private CorsConfiguration buildConfig() {
    CorsConfiguration corsConfiguration = new CorsConfiguration();
    //  你需要跨域的地址  注意这里的 127.0.0.1 != localhost
    // * 表示对所有的地址都可以访问
    corsConfiguration.addAllowedOrigin("*");
    //  跨域的请求头
    corsConfiguration.addAllowedHeader("*");
    //  跨域的请求方法
    corsConfiguration.addAllowedMethod("*");
    //加上了这一句,大致意思是可以携带 cookie
    //最终的结果是可以 在跨域请求的时候获取同一个 session
    corsConfiguration.setAllowCredentials(true);
    return corsConfiguration;
}
 
Example 20
Source File: JpaRestfulServerR4.java    From careconnect-reference-implementation with Apache License 2.0 4 votes vote down vote up
@SuppressWarnings("unchecked")
@Override
protected void initialize() throws ServletException {
    super.initialize();
    TimeZone.setDefault(TimeZone.getTimeZone("UTC"));

    // Get the spring context from the web container (it's declared in web.xml)
    FhirVersionEnum fhirVersion = FhirVersionEnum.R4;
    setFhirContext(new FhirContext(fhirVersion));
    String serverBase = HapiProperties.getServerAddress();
    if (serverBase != null && !serverBase.isEmpty()) {
        setServerAddressStrategy(new HardcodedServerAddressStrategy(serverBase));
    }

    if (applicationContext == null ) log.info("Context is null");

    AutowireCapableBeanFactory autowireCapableBeanFactory = applicationContext.getAutowireCapableBeanFactory();
    autowireCapableBeanFactory.autowireBean(this);

    List<IResourceProvider> permissionlist = new ArrayList<>();
    Class<?> classType = null;
    try {
        classType = Class.forName("uk.nhs.careconnect.ccri.fhirserver.r4.provider.ObservationDefinitionProvider");
        log.info("class methods " + classType.getMethods()[4].getName() );
    } catch (ClassNotFoundException  e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
    } catch (Exception ex) {
        log.error(ex.getMessage());
    }

    permissionlist.add((IResourceProvider) applicationContext.getBean(classType));
    setResourceProviders(permissionlist);

    // Replace built in conformance provider (CapabilityStatement)
    setServerConformanceProvider(new CareConnectServerConformanceR4Provider());

    setServerName(HapiProperties.getServerName());
    setServerVersion(HapiProperties.getSoftwareVersion());
    setImplementationDescription(HapiProperties.getSoftwareImplementationDesc());


    ServerInterceptor loggingInterceptor = new ServerInterceptor(log);
    registerInterceptor(loggingInterceptor);




    CorsConfiguration config = new CorsConfiguration();
    config.addAllowedHeader("x-fhir-starter");
    config.addAllowedHeader("Origin");
    config.addAllowedHeader("Accept");
    config.addAllowedHeader("X-Requested-With");
    config.addAllowedHeader("Content-Type");

    config.addAllowedOrigin("*");

    config.addExposedHeader("Location");
    config.addExposedHeader("Content-Location");
    config.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "DELETE", "OPTIONS", "PATCH"));

    // Create the interceptor and register it
    CorsInterceptor interceptor = new CorsInterceptor(config);
    registerInterceptor(interceptor);

    ServerInterceptor gatewayInterceptor = new ServerInterceptor(log);
    if (HapiProperties.getSecurityOauth()) {
        registerInterceptor(new OAuth2Interceptor());  // Add OAuth2 Security Filter
    }
    registerInterceptor(gatewayInterceptor);

    FifoMemoryPagingProvider pp = new FifoMemoryPagingProvider(10);
    pp.setDefaultPageSize(10);
    pp.setMaximumPageSize(100);
    setPagingProvider(pp);

    setDefaultPrettyPrint(true);
    setDefaultResponseEncoding(EncodingEnum.JSON);

    ctx = getFhirContext();


    registerInterceptor( new ResponseHighlighterInterceptor());

    // Remove as believe due to issues on docker ctx.setNarrativeGenerator(new DefaultThymeleafNarrativeGenerator());
}