public.javadoc.org.spincast.core.filters.SpincastFilters.html Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of spincast-website Show documentation
Show all versions of spincast-website Show documentation
Source code for the https://www.spincast.org website.
SpincastFilters (org.spincast:spincast-framework 1.0.0 API)
org.spincast.core.filters
Interface SpincastFilters<R extends RequestContext<?>>
-
- All Known Implementing Classes:
- SpincastFiltersDefault
public interface SpincastFilters<R extends RequestContext<?>>
Some filters provided by Spincast.
-
-
Method Summary
All Methods Instance Methods Abstract Methods
Modifier and Type
Method and Description
voidaddDefaultGlobalTemplateVariables(R context)
Adds some default variables so they are available
to any template rendering (in a request scope).
voidaddSecurityHeaders(R context)
Adds some recommended security headers.
voidcache(R context)
voidcache(R context,
int seconds)
voidcache(R context,
int seconds,
boolean isPrivate)
voidcache(R context,
int seconds,
boolean isPrivate,
Integer cdnSeconds)
voidcors(R context)
Cross-Origin Resource Sharing (Cors) handling.
voidcors(R context,
Set<String> allowedOrigins)
Cross-Origin Resource Sharing (Cors) handling.
voidcors(R context,
Set<String> allowedOrigins,
Set<String> extraHeadersAllowedToBeRead)
Cross-Origin Resource Sharing (Cors) handling.
voidcors(R context,
Set<String> allowedOrigins,
Set<String> extraHeadersAllowedToBeRead,
Set<String> extraHeadersAllowedToBeSent)
Cross-Origin Resource Sharing (Cors) handling.
voidcors(R context,
Set<String> allowedOrigins,
Set<String> extraHeadersAllowedToBeRead,
Set<String> extraHeadersAllowedToBeSent,
boolean allowCookies)
Cross-Origin Resource Sharing (Cors) handling.
voidcors(R context,
Set<String> allowedOrigins,
Set<String> extraHeadersAllowedToBeRead,
Set<String> extraHeadersAllowedToBeSent,
boolean allowCookies,
Set<HttpMethod> allowedMethods)
Cross-Origin Resource Sharing (Cors) handling.
voidcors(R context,
Set<String> allowedOrigins,
Set<String> extraHeadersAllowedToBeRead,
Set<String> extraHeadersAllowedToBeSent,
boolean allowCookies,
Set<HttpMethod> allowedMethods,
int maxAgeInSeconds)
Cross-Origin Resource Sharing (Cors) handling.
booleansaveGeneratedResource(R context,
String pathForGeneratedResource)
Used by Spincast to save a "dynamic resource" once it is
generated.
-
-
Method Detail
-
saveGeneratedResource
boolean saveGeneratedResource(R context,
String pathForGeneratedResource)
Used by Spincast to save a "dynamic resource" once it is
generated.
- Returns:
- true if the resource was succesfully saved on disk.
-
addSecurityHeaders
void addSecurityHeaders(R context)
Adds some recommended security headers.
- See Also:
https://www.owasp.org/index.php/List_of_useful_HTTP_headers
-
cors
void cors(R context)
Cross-Origin Resource Sharing (Cors) handling.
This overload allows all origins, allows cookies,
allows all HTTP methods, all headers will be allowed to
be sent by the browser, but no extra headers will
be available to be read by the browser.
By default, only those headers are available to be read :
- Cache-Control
- Content-Language
- Content-Type
- Expires
- Last-Modified
- Pragma
Send a Max-Age of 24h. The Max-Age is the
maximum number of seconds a
preflight response can be cached without querying
again.
If you want to allow everything AND to add extra headers
to be read, use :
cors(context,
Sets.newHashSet("*"),
Sets.newHashSet("extra-header-to-read1", "extra-header-to-read2"));
-
cors
void cors(R context,
Set<String> allowedOrigins)
Cross-Origin Resource Sharing (Cors) handling.
This overload allows allows cookies,
allows all HTTP methods for the
specified origins, all headers will be allowed to
be sent by the browser, but no extra headers will
be available to be read by the browser.
By default, only those headers are available to be read :
- Cache-Control
- Content-Language
- Content-Type
- Expires
- Last-Modified
- Pragma
Send a Max-Age of 24h. The Max-Age is the
maximum number of seconds a
preflight response can be cached without querying
again.
If you want to allow everything for those origins AND to
add extra headers to be read, use :
cors(context,
allowedOrigins,
Sets.newHashSet("extra-header-to-read1", "extra-header-to-read2"));
- Parameters:
allowedOrigins - The origins to allow ("http://api.bob.com"
for example). If one of the origins is "*", then all origins
will be allowed!
-
cors
void cors(R context,
Set<String> allowedOrigins,
Set<String> extraHeadersAllowedToBeRead)
Cross-Origin Resource Sharing (Cors) handling.
This overload allows cookies, allows all HTTP methods and
all headers will be allowed to be sent by the browser, for the
specified origins.
Send a Max-Age of 24h. The Max-Age is the
maximum number of seconds a
preflight response can be cached without querying
again.
- Parameters:
allowedOrigins - The origins to allow ("http://api.bob.com"
for example). If one of the origins is "*", then all origins
will be allowed!extraHeadersAllowedToBeRead - The extra headers the browser will
have permission to read from the response.
By default, only those headers are available :
Cache-Control
Content-Language
Content-Type
Expires
Last-Modified
Pragma
-
cors
void cors(R context,
Set<String> allowedOrigins,
Set<String> extraHeadersAllowedToBeRead,
Set<String> extraHeadersAllowedToBeSent)
Cross-Origin Resource Sharing (Cors) handling.
This overload allows all cookies and all HTTP methods, for the specified origins.
Send a Max-Age of 24h. The Max-Age is the
maximum number of seconds a
preflight response can be cached without querying
again.
- Parameters:
allowedOrigins - The origins to allow ("http://api.bob.com"
for example). If one of the origins is "*", then all origins
will be allowed!extraHeadersAllowedToBeRead - The extra headers the browser will
have permission to read from the response.
By default, only those headers are exposed :
Cache-Control
Content-Language
Content-Type
Expires
Last-Modified
PragmaextraHeadersAllowedToBeSent - The extra headers the
browser will be allowed to send with the actual
(post preflight) request.allowCookies - Should cookies be allowed?
-
cors
void cors(R context,
Set<String> allowedOrigins,
Set<String> extraHeadersAllowedToBeRead,
Set<String> extraHeadersAllowedToBeSent,
boolean allowCookies)
Cross-Origin Resource Sharing (Cors) handling.
This overload allows all HTTP methods, for the specified origins.
Send a Max-Age of 24h. The Max-Age is the
maximum number of seconds a
preflight response can be cached without querying
again.
- Parameters:
allowedOrigins - The origins to allow ("http://api.bob.com"
for example). If one of the origins is "*", then all origins
will be allowed!extraHeadersAllowedToBeRead - The extra headers the browser will
have permission to read from the response.
By default, only those headers are exposed :
Cache-Control
Content-Language
Content-Type
Expires
Last-Modified
PragmaextraHeadersAllowedToBeSent - The extra headers the
browser will be allowed to send with the actual
(post preflight) request.allowCookies - Should cookies be allowed?
-
cors
void cors(R context,
Set<String> allowedOrigins,
Set<String> extraHeadersAllowedToBeRead,
Set<String> extraHeadersAllowedToBeSent,
boolean allowCookies,
Set<HttpMethod> allowedMethods)
Cross-Origin Resource Sharing (Cors) handling.
Send a Max-Age of 24h. The Max-Age is the
maximum number of seconds a
preflight response can be cached without querying
again.
- Parameters:
allowedOrigins - The origins to allow ("http://api.bob.com"
for example). If one of the origins is "*", then all origins
are allowed!extraHeadersAllowedToBeRead - The extra headers the browser will
have permission to read from the response.
By default, only those headers are available :
Cache-Control
Content-Language
Content-Type
Expires
Last-Modified
PragmaextraHeadersAllowedToBeSent - The extra headers the
browser will be allowed to send with the actual
(post preflight) request. If one of the headers is "*",
then all headers are allowed to be sent!allowCookies - Should cookies be allowed?allowedMethods - The HTTP method allowed. "OPTIONS" will
be addded if not specified, as it should always be
allowed.
-
cors
void cors(R context,
Set<String> allowedOrigins,
Set<String> extraHeadersAllowedToBeRead,
Set<String> extraHeadersAllowedToBeSent,
boolean allowCookies,
Set<HttpMethod> allowedMethods,
int maxAgeInSeconds)
Cross-Origin Resource Sharing (Cors) handling.
- Parameters:
allowedOrigins - The origins to allow ("http://api.bob.com"
for example). If one of the origins is "*", then all origins
are allowed!extraHeadersAllowedToBeRead - The extra headers the browser will
have permission to read from the response.
By default, only those headers are available :
Cache-Control
Content-Language
Content-Type
Expires
Last-Modified
PragmaextraHeadersAllowedToBeSent - The extra headers the
browser will be allowed to send with the actual
(post preflight) request. If one of the headers is "*",
then all headers are allowed to be sent!allowCookies - Should cookies be allowed?allowedMethods - The HTTP method allowed. "OPTIONS" will
be addded if not specified, as it should always be
allowed.maxAgeInSeconds - The maximum number of seconds a
preflight response can be cached without querying
again. If <= 0, the "Access-Control-Max-Age" header
won't be sent.
-
cache
void cache(R context)
-
cache
void cache(R context,
int seconds)
-
cache
void cache(R context,
int seconds,
boolean isPrivate)
-
addDefaultGlobalTemplateVariables
void addDefaultGlobalTemplateVariables(R context)
Adds some default variables so they are available
to any template rendering (in a request scope).
Copyright © 2019. All rights reserved.
Spincast Framework