public abstract class CorsUtils extends Object
Constructor and Description |
---|
CorsUtils() |
Modifier and Type | Method and Description |
---|---|
static boolean |
isCorsRequest(ServerHttpRequest request)
Returns
true if the request is a valid CORS one. |
static boolean |
isPreFlightRequest(ServerHttpRequest request)
Returns
true if the request is a valid CORS pre-flight one. |
static boolean |
isSameOrigin(ServerHttpRequest request)
Check if the request is a same-origin one, based on
Origin , Host ,
Forwarded , X-Forwarded-Proto , X-Forwarded-Host and |
public static boolean isCorsRequest(ServerHttpRequest request)
true
if the request is a valid CORS one.public static boolean isPreFlightRequest(ServerHttpRequest request)
true
if the request is a valid CORS pre-flight one.public static boolean isSameOrigin(ServerHttpRequest request)
Origin
, Host
,
Forwarded
, X-Forwarded-Proto
, X-Forwarded-Host
andtrue
if the request is a same-origin one, false
in case
of a cross-origin request
Note: this method uses values from "Forwarded"
(RFC 7239),
"X-Forwarded-Host", "X-Forwarded-Port", and "X-Forwarded-Proto" headers,
if present, in order to reflect the client-originated address.
Consider using the ForwardedHeaderFilter
in order to choose from a
central place whether to extract and use, or to discard such headers.
See the Spring Framework reference for more on this filter.