org.elasticsearch.http.netty4.cors

Class Netty4CorsConfigBuilder

java.lang.Object

org.elasticsearch.http.netty4.cors.Netty4CorsConfigBuilder

public final class Netty4CorsConfigBuilder
extends java.lang.Object

Builder used to configure and build a Netty4CorsConfig instance. This class was lifted from the Netty project: https://github.com/netty/netty

Method Summary

Modifier and Type	Method and Description
Netty4CorsConfigBuilder	allowCredentials() By default cookies are not included in CORS requests, but this method will enable cookies to be added to CORS requests.
Netty4CorsConfigBuilder	allowedRequestHeaders(java.lang.String... headers) Specifies the if headers that should be returned in the CORS 'Access-Control-Allow-Headers' response header.
Netty4CorsConfigBuilder	allowedRequestMethods(io.netty.handler.codec.http.HttpMethod... methods) Specifies the allowed set of HTTP Request Methods that should be returned in the CORS 'Access-Control-Request-Method' response header.
Netty4CorsConfig	build() Builds a Netty4CorsConfig with settings specified by previous method calls.
Netty4CorsConfigBuilder	disable() Disables CORS support.
static Netty4CorsConfigBuilder	forAnyOrigin() Creates a Builder instance with it's origin set to '*'.
static Netty4CorsConfigBuilder	forOrigin(java.lang.String origin) Creates a Netty4CorsConfigBuilder instance with the specified origin.
static Netty4CorsConfigBuilder	forOrigins(java.lang.String... origins) Creates a Netty4CorsConfigBuilder instance with the specified origins.
static Netty4CorsConfigBuilder	forPattern(java.util.regex.Pattern pattern) Create a Netty4CorsConfigBuilder instance with the specified pattern origin.
Netty4CorsConfigBuilder	maxAge(long max) When making a preflight request the client has to perform two request with can be inefficient.
Netty4CorsConfigBuilder	noPreflightResponseHeaders() Specifies that no preflight response headers should be added to a preflight response.
<T> Netty4CorsConfigBuilder	preflightResponseHeader(java.lang.CharSequence name, java.util.concurrent.Callable<T> valueGenerator) Returns HTTP response headers that should be added to a CORS preflight response.
<T> Netty4CorsConfigBuilder	preflightResponseHeader(java.lang.CharSequence name, java.lang.Iterable<T> value) Returns HTTP response headers that should be added to a CORS preflight response.
Netty4CorsConfigBuilder	preflightResponseHeader(java.lang.CharSequence name, java.lang.Object... values) Returns HTTP response headers that should be added to a CORS preflight response.
Netty4CorsConfigBuilder	shortCircuit() Specifies that a CORS request should be rejected if it's invalid before being further processing.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

forAnyOrigin

public static Netty4CorsConfigBuilder forAnyOrigin()

Creates a Builder instance with it's origin set to '*'.

Returns:

Builder to support method chaining.

forOrigin

public static Netty4CorsConfigBuilder forOrigin(java.lang.String origin)

Creates a Netty4CorsConfigBuilder instance with the specified origin.

Returns:

Netty4CorsConfigBuilder to support method chaining.

forPattern

public static Netty4CorsConfigBuilder forPattern(java.util.regex.Pattern pattern)

Create a Netty4CorsConfigBuilder instance with the specified pattern origin.

Parameters:

pattern - the regular expression pattern to match incoming origins on.

Returns:

Netty4CorsConfigBuilder with the configured origin pattern.

forOrigins

public static Netty4CorsConfigBuilder forOrigins(java.lang.String... origins)

Creates a Netty4CorsConfigBuilder instance with the specified origins.

Returns:

Netty4CorsConfigBuilder to support method chaining.

disable

public Netty4CorsConfigBuilder disable()

Disables CORS support.

Returns:

Netty4CorsConfigBuilder to support method chaining.

allowCredentials

public Netty4CorsConfigBuilder allowCredentials()

By default cookies are not included in CORS requests, but this method will enable cookies to be added to CORS requests. Calling this method will set the CORS 'Access-Control-Allow-Credentials' response header to true. Please note, that cookie support needs to be enabled on the client side as well. The client needs to opt-in to send cookies by calling:

 xhr.withCredentials = true;
 

The default value for 'withCredentials' is false in which case no cookies are sent. Setting this to true will included cookies in cross origin requests.

Returns:

Netty4CorsConfigBuilder to support method chaining.

maxAge

public Netty4CorsConfigBuilder maxAge(long max)

When making a preflight request the client has to perform two request with can be inefficient. This setting will set the CORS 'Access-Control-Max-Age' response header and enables the caching of the preflight response for the specified time. During this time no preflight request will be made.

Parameters:

max - the maximum time, in seconds, that the preflight response may be cached.

Returns:

Netty4CorsConfigBuilder to support method chaining.

allowedRequestMethods

public Netty4CorsConfigBuilder allowedRequestMethods(io.netty.handler.codec.http.HttpMethod... methods)

Specifies the allowed set of HTTP Request Methods that should be returned in the CORS 'Access-Control-Request-Method' response header.

Parameters:

methods - the HttpMethods that should be allowed.

Returns:

Netty4CorsConfigBuilder to support method chaining.

allowedRequestHeaders

public Netty4CorsConfigBuilder allowedRequestHeaders(java.lang.String... headers)

Specifies the if headers that should be returned in the CORS 'Access-Control-Allow-Headers' response header. If a client specifies headers on the request, for example by calling:

 xhr.setRequestHeader('My-Custom-Header', "SomeValue");
 

the server will receive the above header name in the 'Access-Control-Request-Headers' of the preflight request. The server will then decide if it allows this header to be sent for the real request (remember that a preflight is not the real request but a request asking the server if it allow a request).

Parameters:

headers - the headers to be added to the preflight 'Access-Control-Allow-Headers' response header.

Returns:

Netty4CorsConfigBuilder to support method chaining.

preflightResponseHeader

public Netty4CorsConfigBuilder preflightResponseHeader(java.lang.CharSequence name,
                                                       java.lang.Object... values)

Returns HTTP response headers that should be added to a CORS preflight response. An intermediary like a load balancer might require that a CORS preflight request have certain headers set. This enables such headers to be added.

Parameters:

name - the name of the HTTP header.

values - the values for the HTTP header.

Returns:

Netty4CorsConfigBuilder to support method chaining.

preflightResponseHeader

public <T> Netty4CorsConfigBuilder preflightResponseHeader(java.lang.CharSequence name,
                                                           java.lang.Iterable<T> value)

Returns HTTP response headers that should be added to a CORS preflight response. An intermediary like a load balancer might require that a CORS preflight request have certain headers set. This enables such headers to be added.

Type Parameters:

T - the type of values that the Iterable contains.

Parameters:

name - the name of the HTTP header.

value - the values for the HTTP header.

Returns:

Netty4CorsConfigBuilder to support method chaining.

preflightResponseHeader

public <T> Netty4CorsConfigBuilder preflightResponseHeader(java.lang.CharSequence name,
                                                           java.util.concurrent.Callable<T> valueGenerator)

Returns HTTP response headers that should be added to a CORS preflight response. An intermediary like a load balancer might require that a CORS preflight request have certain headers set. This enables such headers to be added. Some values must be dynamically created when the HTTP response is created, for example the 'Date' response header. This can be accomplished by using a Callable which will have its 'call' method invoked when the HTTP response is created.

Type Parameters:

T - the type of the value that the Callable can return.

Parameters:

name - the name of the HTTP header.

valueGenerator - a Callable which will be invoked at HTTP response creation.

Returns:

Netty4CorsConfigBuilder to support method chaining.

noPreflightResponseHeaders

public Netty4CorsConfigBuilder noPreflightResponseHeaders()

Specifies that no preflight response headers should be added to a preflight response.

Returns:

Netty4CorsConfigBuilder to support method chaining.

shortCircuit

public Netty4CorsConfigBuilder shortCircuit()

Specifies that a CORS request should be rejected if it's invalid before being further processing. CORS headers are set after a request is processed. This may not always be desired and this setting will check that the Origin is valid and if it is not valid no further processing will take place, and a error will be returned to the calling client.

Returns:

Netty4CorsConfigBuilder to support method chaining.

build

public Netty4CorsConfig build()

Builds a Netty4CorsConfig with settings specified by previous method calls.

Returns:

Netty4CorsConfig the configured CorsConfig instance.