public.javadoc.org.spincast.core.filters.SpincastFiltersDefault.html Maven / Gradle / Ivy
Show all versions of spincast-website Show documentation
SpincastFiltersDefault (org.spincast:spincast-framework 1.0.0 API)
org.spincast.core.filters
Class SpincastFiltersDefault<R extends RequestContext<?>>
- java.lang.Object
-
- org.spincast.core.filters.SpincastFiltersDefault<R>
-
- All Implemented Interfaces:
- SpincastFilters<R>
public class SpincastFiltersDefault<R extends RequestContext<?>>
extends Object
implements SpincastFilters<R>
Spincast filters implementations.
-
-
Nested Class Summary
Nested Classes
Modifier and Type
Class and Description
protected class
SpincastFiltersDefault.LazyLoadedFlashMessageAlert
-
Field Summary
Fields
Modifier and Type
Field and Description
protected org.slf4j.Logger
logger
-
Constructor Summary
Constructors
Constructor and Description
SpincastFiltersDefault(CorsFilter corsFilter,
SpincastConfig spincastConfig,
Server server,
SpincastUtils spincastUtils)
Constructor
-
Method Summary
All Methods Instance Methods Concrete Methods
Modifier and Type
Method and Description
void
addDefaultGlobalTemplateVariables(R context)
Adds some default variables so they are available
to any template rendering (in a request scope).
void
addSecurityHeaders(R context)
Adds some recommended security headers.
void
cache(R context)
void
cache(R context,
int seconds)
void
cache(R context,
int seconds,
boolean isPrivate)
void
cache(R context,
int seconds,
boolean isPrivate,
Integer cdnSeconds)
void
cors(R context)
Cross-Origin Resource Sharing (Cors) handling.
void
cors(R context,
Set<String> allowedOrigins)
Cross-Origin Resource Sharing (Cors) handling.
void
cors(R context,
Set<String> allowedOrigins,
Set<String> extraHeadersAllowedToBeRead)
Cross-Origin Resource Sharing (Cors) handling.
void
cors(R context,
Set<String> allowedOrigins,
Set<String> extraHeadersAllowedToBeRead,
Set<String> extraHeadersAllowedToBeSent)
Cross-Origin Resource Sharing (Cors) handling.
void
cors(R context,
Set<String> allowedOrigins,
Set<String> extraHeadersAllowedToBeRead,
Set<String> extraHeadersAllowedToBeSent,
boolean allowCookies)
Cross-Origin Resource Sharing (Cors) handling.
void
cors(R context,
Set<String> allowedOrigins,
Set<String> extraHeadersAllowedToBeRead,
Set<String> extraHeadersAllowedToBeSent,
boolean allowCookies,
Set<HttpMethod> allowedMethods)
Cross-Origin Resource Sharing (Cors) handling.
void
cors(R context,
Set<String> allowedOrigins,
Set<String> extraHeadersAllowedToBeRead,
Set<String> extraHeadersAllowedToBeSent,
boolean allowCookies,
Set<HttpMethod> allowedMethods,
int maxAgeInSeconds)
Cross-Origin Resource Sharing (Cors) handling.
protected CorsFilterClient
createCorsFilterClient(R context,
Set<String> allowedOrigins,
Set<String> extraHeadersAllowedToBeRead,
Set<String> extraHeadersAllowedToBeSent,
boolean allowCookies,
Set<HttpMethod> allowedMethods,
int maxAgeInSeconds)
Creates a client for the cors filter.
protected Integer
getCacheCdnSecondsByDefault()
protected int
getCacheSecondsByDefault()
protected Set<HttpMethod>
getCorsDefaultAllowedMethods()
The HTTP methods allowed by default.
protected Set<String>
getCorsDefaultAllowedOrigins()
The origins allowed, by default.
protected Set<String>
getCorsDefaultExtraHeadersAllowedToBeRead()
The extra headers allowed to be read, by default,
protected Set<String>
getCorsDefaultExtraHeadersAllowedToBeSent()
The extra headers allowed to be sent, by default,
protected boolean
getCorsDefaultIsCookiesAllowed()
Are cookies allowed by default?
protected int
getCorsDefaultMaxAgeInSeconds()
If <= 0, the "Access-Control-Max-Age" header
won't be sent.
protected CorsFilter
getCorsFilter()
protected Server
getServer()
protected SpincastConfig
getSpincastConfig()
protected SpincastUtils
getSpincastUtils()
protected boolean
isCachePrivateByDefault()
boolean
saveGeneratedResource(R context,
String pathForGeneratedResource)
Used by Spincast to save a "dynamic resource" once it is
generated.
-
-
Constructor Detail
-
SpincastFiltersDefault
@Inject
public SpincastFiltersDefault(CorsFilter corsFilter,
SpincastConfig spincastConfig,
Server server,
SpincastUtils spincastUtils)
Constructor
-
Method Detail
-
getCorsFilter
protected CorsFilter getCorsFilter()
-
getSpincastConfig
protected SpincastConfig getSpincastConfig()
-
getServer
protected Server getServer()
-
getSpincastUtils
protected SpincastUtils getSpincastUtils()
-
saveGeneratedResource
public boolean saveGeneratedResource(R context,
String pathForGeneratedResource)
Description copied from interface: SpincastFilters
Used by Spincast to save a "dynamic resource" once it is
generated.
- Specified by:
saveGeneratedResource
in interface SpincastFilters<R extends RequestContext<?>>
- Returns:
- true if the resource was succesfully saved on disk.
-
addSecurityHeaders
public void addSecurityHeaders(R context)
Description copied from interface: SpincastFilters
Adds some recommended security headers.
- Specified by:
addSecurityHeaders
in interface SpincastFilters<R extends RequestContext<?>>
- See Also:
https://www.owasp.org/index.php/List_of_useful_HTTP_headers
-
cors
public void cors(R context)
Description copied from interface: SpincastFilters
Cross-Origin Resource Sharing (Cors) handling.
This overload allows all origins, allows cookies,
allows all HTTP methods, all headers will be allowed to
be sent by the browser, but no extra headers will
be available to be read by the browser.
By default, only those headers are available to be read :
- Cache-Control
- Content-Language
- Content-Type
- Expires
- Last-Modified
- Pragma
Send a Max-Age of 24h. The Max-Age is the
maximum number of seconds a
preflight response can be cached without querying
again.
If you want to allow everything AND to add extra headers
to be read, use :
cors(context,
Sets.newHashSet("*"),
Sets.newHashSet("extra-header-to-read1", "extra-header-to-read2"));
- Specified by:
cors
in interface SpincastFilters<R extends RequestContext<?>>
-
cors
public void cors(R context,
Set<String> allowedOrigins)
Description copied from interface: SpincastFilters
Cross-Origin Resource Sharing (Cors) handling.
This overload allows allows cookies,
allows all HTTP methods for the
specified origins, all headers will be allowed to
be sent by the browser, but no extra headers will
be available to be read by the browser.
By default, only those headers are available to be read :
- Cache-Control
- Content-Language
- Content-Type
- Expires
- Last-Modified
- Pragma
Send a Max-Age of 24h. The Max-Age is the
maximum number of seconds a
preflight response can be cached without querying
again.
If you want to allow everything for those origins AND to
add extra headers to be read, use :
cors(context,
allowedOrigins,
Sets.newHashSet("extra-header-to-read1", "extra-header-to-read2"));
- Specified by:
cors
in interface SpincastFilters<R extends RequestContext<?>>
allowedOrigins
- The origins to allow ("http://api.bob.com"
for example). If one of the origins is "*", then all origins
will be allowed!
-
cors
public void cors(R context,
Set<String> allowedOrigins,
Set<String> extraHeadersAllowedToBeRead)
Description copied from interface: SpincastFilters
Cross-Origin Resource Sharing (Cors) handling.
This overload allows cookies, allows all HTTP methods and
all headers will be allowed to be sent by the browser, for the
specified origins.
Send a Max-Age of 24h. The Max-Age is the
maximum number of seconds a
preflight response can be cached without querying
again.
- Specified by:
cors
in interface SpincastFilters<R extends RequestContext<?>>
allowedOrigins
- The origins to allow ("http://api.bob.com"
for example). If one of the origins is "*", then all origins
will be allowed!
extraHeadersAllowedToBeRead
- The extra headers the browser will
have permission to read from the response.
By default, only those headers are available :
Cache-Control
Content-Language
Content-Type
Expires
Last-Modified
Pragma
-
cors
public void cors(R context,
Set<String> allowedOrigins,
Set<String> extraHeadersAllowedToBeRead,
Set<String> extraHeadersAllowedToBeSent)
Description copied from interface: SpincastFilters
Cross-Origin Resource Sharing (Cors) handling.
This overload allows all cookies and all HTTP methods, for the specified origins.
Send a Max-Age of 24h. The Max-Age is the
maximum number of seconds a
preflight response can be cached without querying
again.
- Specified by:
cors
in interface SpincastFilters<R extends RequestContext<?>>
allowedOrigins
- The origins to allow ("http://api.bob.com"
for example). If one of the origins is "*", then all origins
will be allowed!
extraHeadersAllowedToBeRead
- The extra headers the browser will
have permission to read from the response.
By default, only those headers are exposed :
Cache-Control
Content-Language
Content-Type
Expires
Last-Modified
Pragma
extraHeadersAllowedToBeSent
- The extra headers the
browser will be allowed to send with the actual
(post preflight) request.
-
cors
public void cors(R context,
Set<String> allowedOrigins,
Set<String> extraHeadersAllowedToBeRead,
Set<String> extraHeadersAllowedToBeSent,
boolean allowCookies)
Description copied from interface: SpincastFilters
Cross-Origin Resource Sharing (Cors) handling.
This overload allows all HTTP methods, for the specified origins.
Send a Max-Age of 24h. The Max-Age is the
maximum number of seconds a
preflight response can be cached without querying
again.
- Specified by:
cors
in interface SpincastFilters<R extends RequestContext<?>>
allowedOrigins
- The origins to allow ("http://api.bob.com"
for example). If one of the origins is "*", then all origins
will be allowed!
extraHeadersAllowedToBeRead
- The extra headers the browser will
have permission to read from the response.
By default, only those headers are exposed :
Cache-Control
Content-Language
Content-Type
Expires
Last-Modified
Pragma
extraHeadersAllowedToBeSent
- The extra headers the
browser will be allowed to send with the actual
(post preflight) request.
allowCookies
- Should cookies be allowed?
-
cors
public void cors(R context,
Set<String> allowedOrigins,
Set<String> extraHeadersAllowedToBeRead,
Set<String> extraHeadersAllowedToBeSent,
boolean allowCookies,
Set<HttpMethod> allowedMethods)
Description copied from interface: SpincastFilters
Cross-Origin Resource Sharing (Cors) handling.
Send a Max-Age of 24h. The Max-Age is the
maximum number of seconds a
preflight response can be cached without querying
again.
- Specified by:
cors
in interface SpincastFilters<R extends RequestContext<?>>
allowedOrigins
- The origins to allow ("http://api.bob.com"
for example). If one of the origins is "*", then all origins
are allowed!
extraHeadersAllowedToBeRead
- The extra headers the browser will
have permission to read from the response.
By default, only those headers are available :
Cache-Control
Content-Language
Content-Type
Expires
Last-Modified
Pragma
extraHeadersAllowedToBeSent
- The extra headers the
browser will be allowed to send with the actual
(post preflight) request. If one of the headers is "*",
then all headers are allowed to be sent!
allowCookies
- Should cookies be allowed?
allowedMethods
- The HTTP method allowed. "OPTIONS" will
be addded if not specified, as it should always be
allowed.
-
cors
public void cors(R context,
Set<String> allowedOrigins,
Set<String> extraHeadersAllowedToBeRead,
Set<String> extraHeadersAllowedToBeSent,
boolean allowCookies,
Set<HttpMethod> allowedMethods,
int maxAgeInSeconds)
Description copied from interface: SpincastFilters
Cross-Origin Resource Sharing (Cors) handling.
- Specified by:
cors
in interface SpincastFilters<R extends RequestContext<?>>
allowedOrigins
- The origins to allow ("http://api.bob.com"
for example). If one of the origins is "*", then all origins
are allowed!
extraHeadersAllowedToBeRead
- The extra headers the browser will
have permission to read from the response.
By default, only those headers are available :
Cache-Control
Content-Language
Content-Type
Expires
Last-Modified
Pragma
extraHeadersAllowedToBeSent
- The extra headers the
browser will be allowed to send with the actual
(post preflight) request. If one of the headers is "*",
then all headers are allowed to be sent!
allowCookies
- Should cookies be allowed?
allowedMethods
- The HTTP method allowed. "OPTIONS" will
be addded if not specified, as it should always be
allowed.
maxAgeInSeconds
- The maximum number of seconds a
preflight response can be cached without querying
again. If <= 0, the "Access-Control-Max-Age" header
won't be sent.
-
createCorsFilterClient
protected CorsFilterClient createCorsFilterClient(R context,
Set<String> allowedOrigins,
Set<String> extraHeadersAllowedToBeRead,
Set<String> extraHeadersAllowedToBeSent,
boolean allowCookies,
Set<HttpMethod> allowedMethods,
int maxAgeInSeconds)
Creates a client for the cors filter.
-
getCorsDefaultMaxAgeInSeconds
protected int getCorsDefaultMaxAgeInSeconds()
If <= 0, the "Access-Control-Max-Age" header
won't be sent.
-
getCorsDefaultAllowedOrigins
protected Set<String> getCorsDefaultAllowedOrigins()
The origins allowed, by default.
-
getCorsDefaultExtraHeadersAllowedToBeRead
protected Set<String> getCorsDefaultExtraHeadersAllowedToBeRead()
The extra headers allowed to be read, by default,
-
getCorsDefaultExtraHeadersAllowedToBeSent
protected Set<String> getCorsDefaultExtraHeadersAllowedToBeSent()
The extra headers allowed to be sent, by default,
-
getCorsDefaultIsCookiesAllowed
protected boolean getCorsDefaultIsCookiesAllowed()
Are cookies allowed by default?
-
getCorsDefaultAllowedMethods
protected Set<HttpMethod> getCorsDefaultAllowedMethods()
The HTTP methods allowed by default.
-
cache
public void cache(R context)
- Specified by:
cache
in interface SpincastFilters<R extends RequestContext<?>>
-
cache
public void cache(R context,
int seconds)
- Specified by:
cache
in interface SpincastFilters<R extends RequestContext<?>>
-
cache
public void cache(R context,
int seconds,
boolean isPrivate)
- Specified by:
cache
in interface SpincastFilters<R extends RequestContext<?>>
-
cache
public void cache(R context,
int seconds,
boolean isPrivate,
Integer cdnSeconds)
- Specified by:
cache
in interface SpincastFilters<R extends RequestContext<?>>
-
getCacheSecondsByDefault
protected int getCacheSecondsByDefault()
-
isCachePrivateByDefault
protected boolean isCachePrivateByDefault()
-
getCacheCdnSecondsByDefault
protected Integer getCacheCdnSecondsByDefault()
-
addDefaultGlobalTemplateVariables
public void addDefaultGlobalTemplateVariables(R context)
Description copied from interface: SpincastFilters
Adds some default variables so they are available
to any template rendering (in a request scope).
- Specified by:
addDefaultGlobalTemplateVariables
in interface SpincastFilters<R extends RequestContext<?>>
Copyright © 2019. All rights reserved.