github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

cleaned up CORS filter implementation

pull/650/head
Justin Richer 2013-09-03 16:01:19 -04:00
parent 9020261d2c
commit 1bf560842e
1 changed files with 8 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
openid-connect-server/src/main/java/org/mitre/oauth2/web/CorsFilter.java
View File

@ -7,28 +7,29 @@ import java.io.IOException;
import javax.servlet.FilterChain; import javax.servlet.FilterChain;
import javax.servlet.ServletException; import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
import org.springframework.web.filter.GenericFilterBean; import org.springframework.web.filter.OncePerRequestFilter;
/** /**
*
* Implements Cross-Origin Resource Sharing (CORS) headers. This filter adds the CORS
* headers to all requests that pass through it, and as such it should be used only
* on endpoints that require CORS support.
*
* @author jricher * @author jricher
* *
*/ */
@Component("corsFilter") @Component("corsFilter")
public class CorsFilter extends GenericFilterBean { public class CorsFilter extends OncePerRequestFilter {
/* (non-Javadoc) /* (non-Javadoc)
* @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain) * @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain)
*/ */
@Override @Override
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain filterChain) throws IOException, ServletException { public void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest)req;
HttpServletResponse response = (HttpServletResponse)resp;
response.addHeader("Access-Control-Allow-Origin", "*"); response.addHeader("Access-Control-Allow-Origin", "*");
if (request.getHeader("Access-Control-Request-Method") != null && "OPTIONS".equals(request.getMethod())) { if (request.getHeader("Access-Control-Request-Method") != null && "OPTIONS".equals(request.getMethod())) {