Package org.springframework.integration.http.dsl

Class HttpInboundEndpointSupportSpec.CrossOriginSpec

java.lang.Object
org.springframework.integration.http.dsl.HttpInboundEndpointSupportSpec.CrossOriginSpec
Enclosing class:
HttpInboundEndpointSupportSpec<S extends HttpInboundEndpointSupportSpec<S,​E>,​E extends BaseHttpInboundEndpoint>
public static final class HttpInboundEndpointSupportSpec.CrossOriginSpec
extends Object
A fluent API for the CrossOrigin.

  • Method Details

    • origin

      public HttpInboundEndpointSupportSpec.CrossOriginSpec origin​(String... origin)
      List of allowed origins, e.g. "https://domain1.com".

      These values are placed in the Access-Control-Allow-Origin header of both the pre-flight response and the actual response. "*" means that all origins are allowed.

      If undefined, all origins are allowed.

      Parameters:
      origin - the list of allowed origins.
      Returns:
      the spec

    • allowedHeaders

      public HttpInboundEndpointSupportSpec.CrossOriginSpec allowedHeaders​(String... allowedHeaders)
      List of request headers that can be used during the actual request.

      This property controls the value of the pre-flight response's Access-Control-Allow-Headers header. "*" means that all headers requested by the client are allowed.

      Parameters:
      allowedHeaders - the list of request headers.
      Returns:
      the spec

    • exposedHeaders

      public HttpInboundEndpointSupportSpec.CrossOriginSpec exposedHeaders​(String... exposedHeaders)
      List of response headers that the user-agent will allow the client to access.

      This property controls the value of actual response's Access-Control-Expose-Headers header.

      Parameters:
      exposedHeaders - the list of response headers.
      Returns:
      the spec

    • method

      public HttpInboundEndpointSupportSpec.CrossOriginSpec method​(RequestMethod... method)
      List of supported HTTP request methods, e.g. "{RequestMethod.GET, RequestMethod.POST}".

      Methods specified here override those specified via RequestMapping.

      Parameters:
      method - the list of supported HTTP request methods
      Returns:
      the spec

    • allowCredentials

      public HttpInboundEndpointSupportSpec.CrossOriginSpec allowCredentials​(Boolean allowCredentials)
      Whether the browser should include any cookies associated with the domain of the request being annotated.

      Set to "false" if such cookies should not included.

      Parameters:
      allowCredentials - the boolean flag to include Access-Control-Allow-Credentials=true in pre-flight response or not
      Returns:
      the spec

    • maxAge

      public HttpInboundEndpointSupportSpec.CrossOriginSpec maxAge​(long maxAge)
      The maximum age (in seconds) of the cache duration for pre-flight responses.

      This property controls the value of the Access-Control-Max-Age header in the pre-flight response.

      Parameters:
      maxAge - the maximum age (in seconds) of the cache duration for pre-flight responses.
      Returns:
      the spec