Package akka.http.impl.settings

Class CorsSettingsImpl

  • All Implemented Interfaces:
    CorsSettings, java.io.Serializable, scala.Equals, scala.Product
    public class CorsSettingsImpl
extends CorsSettings
implements CorsSettings, scala.Product, java.io.Serializable
    This implementation is based on the akka-http-cors project by Lomig Mégard, licensed under the Apache License, Version 2.0.

    INTERNAL API

    See Also:
    Serialized Form

    • Constructor Detail

      • CorsSettingsImpl

        public CorsSettingsImpl​(boolean allowGenericHttpRequests,
                        boolean allowCredentials,
                        scala.collection.immutable.Set<java.lang.String> allowedOrigins,
                        scala.collection.immutable.Set<java.lang.String> allowedHeaders,
                        scala.collection.immutable.Set<HttpMethod> allowedMethods,
                        scala.collection.immutable.Set<java.lang.String> exposedHeaders,
                        scala.concurrent.duration.FiniteDuration maxAge)

    • Method Detail

      • allowAnySet

        public static scala.collection.immutable.Set<java.lang.String> allowAnySet()

      • fromSubConfig

        public static CorsSettingsImpl fromSubConfig​(com.typesafe.config.Config root,
                                             com.typesafe.config.Config config)

      • prefix

        protected static java.lang.String prefix()

      • apply

        public static T apply​(akka.actor.ActorSystem system)

      • apply

        public static T apply​(java.lang.String configOverrides)

      • apply

        public static T apply​(com.typesafe.config.Config config)

      • allowGenericHttpRequests

        public boolean allowGenericHttpRequests()
        Description copied from class: CorsSettings
        Allow generic requests, that are outside the scope of the specification, for example lacking an Origin header to pass through the directive.

        When false strict CORS filtering is applied and any invalid request will be rejected.

        Specified by:
        allowGenericHttpRequests in interface CorsSettings
        Specified by:
        allowGenericHttpRequests in class CorsSettings
        Returns:
        (undocumented)

      • allowCredentials

        public boolean allowCredentials()
        Description copied from class: CorsSettings
        If enabled, the header Access-Control-Allow-Credentials is included in the response, indicating that the actual request can include user credentials. Examples of user credentials are: cookies, HTTP authentication or client-side certificates.
        Specified by:
        allowCredentials in interface CorsSettings
        Specified by:
        allowCredentials in class CorsSettings
        Returns:
        (undocumented)

      • allowedOrigins

        public scala.collection.immutable.Set<java.lang.String> allowedOrigins()
        Description copied from interface: CorsSettings
        List of origins that the CORS filter must allow.

        Can also be set to a single * to allow access to the resource from any origin.

        Controls the content of the Access-Control-Allow-Origin response header: if parameter is * and credentials are not allowed, a * is returned in Access-Control-Allow-Origin. Otherwise, the origins given in the Origin request header are echoed.

        Hostname starting with *. will match any sub-domain. The scheme and the port are always strictly matched.

        The actual or preflight request is rejected if any of the origins from the request is not allowed.

        Specified by:
        allowedOrigins in interface CorsSettings
        Returns:
        (undocumented)

      • allowedHeaders

        public scala.collection.immutable.Set<java.lang.String> allowedHeaders()
        Description copied from interface: CorsSettings
        Set of request headers that are allowed when making an actual request.

        Controls the content of the Access-Control-Allow-Headers header in a preflight response: If set to a single *, the headers from Access-Control-Request-Headers are echoed. Otherwise specified list of header names is returned as part of the header.

        Specified by:
        allowedHeaders in interface CorsSettings
        Returns:
        (undocumented)

      • allowedMethods

        public scala.collection.immutable.Set<HttpMethod> allowedMethods()
        Description copied from interface: CorsSettings
        List of methods allowed when making an actual request. The listed headers are returned as part of the Access-Control-Allow-Methods preflight response header.

        The preflight request will be rejected if the Access-Control-Request-Method header's method is not part of the list.

        Specified by:
        allowedMethods in interface CorsSettings
        Returns:
        (undocumented)

      • exposedHeaders

        public scala.collection.immutable.Set<java.lang.String> exposedHeaders()
        Description copied from interface: CorsSettings
        Set of headers (other than simple response headers) that browsers are allowed to access. If not empty, the listed headers are returned as part of the Access-Control-Expose-Headers header in responses.
        Specified by:
        exposedHeaders in interface CorsSettings
        Returns:
        (undocumented)

      • maxAge

        public scala.concurrent.duration.FiniteDuration maxAge()
        Description copied from interface: CorsSettings
        The time the browser is allowed to cache the results of a preflight request. This value is returned as part of the Access-Control-Max-Age preflight response header. If scala.concurrent.duration.Duration.Zero, the header is not added to the preflight response.
        Specified by:
        maxAge in interface CorsSettings
        Returns:
        (undocumented)

      • originsMatches

        public scala.Function1<scala.collection.immutable.Seq<HttpOrigin>,​java.lang.Object> originsMatches()

      • headerNameAllowed

        public scala.Function1<java.lang.String,​java.lang.Object> headerNameAllowed()

      • actualResponseHeaders

        public scala.collection.immutable.List<HttpHeader> actualResponseHeaders​(scala.collection.immutable.Seq<HttpOrigin> origins)

      • preflightResponseHeaders

        public scala.collection.immutable.List<HttpHeader> preflightResponseHeaders​(scala.collection.immutable.Seq<HttpOrigin> origins,
                                                                            scala.collection.immutable.Seq<java.lang.String> requestHeaders)