io.muserver.rest.CORSConfigBuilder Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of mu-server Show documentation
Show all versions of mu-server Show documentation
A simple but powerful web server framework
package io.muserver.rest;
import java.util.Collection;
import java.util.Collections;
import java.util.regex.Pattern;
import static java.util.Arrays.asList;
/**
* A builder to set configuration for CORS requests.
*/
public class CORSConfigBuilder {
private boolean allowCredentials = false;
private Collection allowedOrigins = Collections.emptySet();
private Pattern allowedOriginRegex;
private Collection exposedHeaders = Collections.emptySet();
private long maxAge = -1;
/**
* If set to true, then access-control-allow-credentials is returned with true on CORS responses.
* @param allowCredentials Whether or not to include the credentials header
* @return This builder
*/
public CORSConfigBuilder withAllowCredentials(boolean allowCredentials) {
this.allowCredentials = allowCredentials;
return this;
}
/**
* The origin values that CORS requests are allowed for.
* @param allowedOrigins Allowed origins, such as https://example.org or http://localhost:8080
* @return This builder
*/
public CORSConfigBuilder withAllowedOrigins(Collection allowedOrigins) {
this.allowedOrigins = allowedOrigins;
return this;
}
/**
* The origin values that CORS requests are allowed for.
* @param allowedOrigins Allowed origins, such as https://example.org or http://localhost:8080
* @return This builder
*/
public CORSConfigBuilder withAllowedOrigins(String... allowedOrigins) {
return withAllowedOrigins(asList(allowedOrigins));
}
/**
* The origin values that CORS requests are allowed for.
* @param allowedOriginRegex A regex to match, e.g. Pattern.compile("https://.*\\.example\\.org") to allow
* all subdomains of example.org over HTTPS.
* @return This builder
*/
public CORSConfigBuilder withAllowedOriginRegex(Pattern allowedOriginRegex) {
this.allowedOriginRegex = allowedOriginRegex;
return this;
}
/**
* Specifies which headers are allowed to be accessed by JavaScript.
* @param headerNames The names of headers to allow, for example Content-Type
* @return This builder
*/
public CORSConfigBuilder withExposedHeaders(String... headerNames) {
return withExposedHeaders(asList(headerNames));
}
/**
* Specifies which headers are allowed to be accessed by JavaScript.
* @param headerNames The names of headers to allow, for example Content-Type
* @return This builder
*/
public CORSConfigBuilder withExposedHeaders(Collection headerNames) {
this.exposedHeaders = headerNames;
return this;
}
/**
* On preflight OPTIONS requests, specifies the time the response is valid for
* @param maxAge The age in seconds, for example 600 for five minutes.
* @return This builder.
*/
public CORSConfigBuilder withMaxAge(long maxAge) {
this.maxAge = maxAge;
return this;
}
/**
* Creates a builder to set CORS configuration. Normally at least {@link #withAllowedOrigins(String...)} will be called.
* @return A new builder to create CORS config with
*/
public static CORSConfigBuilder corsConfig() {
return new CORSConfigBuilder()
.withMaxAge(600);
}
/**
* Creates CORS configuration that disables all CORS requests.
* @return A new builder to create CORS config with
*/
public static CORSConfigBuilder disabled() {
return new CORSConfigBuilder();
}
/**
* Builds CORS configuration from a builder
* @return An immutable configuration object.
*/
public CORSConfig build() {
return new CORSConfig(allowCredentials, allowedOrigins, allowedOriginRegex, exposedHeaders, maxAge);
}
}