org.springframework.integration.http.dsl

Class HttpInboundEndpointSupportSpec.CrossOriginSpec

java.lang.Object

org.springframework.integration.http.dsl.HttpInboundEndpointSupportSpec.CrossOriginSpec

Enclosing class:

HttpInboundEndpointSupportSpec<S extends HttpInboundEndpointSupportSpec<S,E>,E extends BaseHttpInboundEndpoint>

public static final class HttpInboundEndpointSupportSpec.CrossOriginSpec
extends Object

A fluent API for the CrossOrigin.

Method Summary

Modifier and Type	Method and Description
HttpInboundEndpointSupportSpec.CrossOriginSpec	allowCredentials(Boolean allowCredentials) Whether the browser should include any cookies associated with the domain of the request being annotated.
HttpInboundEndpointSupportSpec.CrossOriginSpec	allowedHeaders(String... allowedHeaders) List of request headers that can be used during the actual request.
HttpInboundEndpointSupportSpec.CrossOriginSpec	exposedHeaders(String... exposedHeaders) List of response headers that the user-agent will allow the client to access.
HttpInboundEndpointSupportSpec.CrossOriginSpec	maxAge(long maxAge) The maximum age (in seconds) of the cache duration for pre-flight responses.
HttpInboundEndpointSupportSpec.CrossOriginSpec	method(RequestMethod... method) List of supported HTTP request methods, e.g.
HttpInboundEndpointSupportSpec.CrossOriginSpec	origin(String... origin) List of allowed origins, e.g.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

origin

public HttpInboundEndpointSupportSpec.CrossOriginSpec origin(String... origin)

List of allowed origins, e.g. "https://domain1.com".

These values are placed in the Access-Control-Allow-Origin header of both the pre-flight response and the actual response. "*" means that all origins are allowed.

If undefined, all origins are allowed.

Parameters:

origin - the list of allowed origins.

Returns:

the spec

allowedHeaders

public HttpInboundEndpointSupportSpec.CrossOriginSpec allowedHeaders(String... allowedHeaders)

List of request headers that can be used during the actual request.

This property controls the value of the pre-flight response's Access-Control-Allow-Headers header. "*" means that all headers requested by the client are allowed.

Parameters:

allowedHeaders - the list of request headers.

Returns:

the spec

exposedHeaders

public HttpInboundEndpointSupportSpec.CrossOriginSpec exposedHeaders(String... exposedHeaders)

List of response headers that the user-agent will allow the client to access.

This property controls the value of actual response's Access-Control-Expose-Headers header.

Parameters:

exposedHeaders - the list of response headers.

Returns:

the spec

method

public HttpInboundEndpointSupportSpec.CrossOriginSpec method(RequestMethod... method)

List of supported HTTP request methods, e.g. "{RequestMethod.GET, RequestMethod.POST}".

Methods specified here override those specified via RequestMapping.

Parameters:

method - the list of supported HTTP request methods

Returns:

the spec

allowCredentials

public HttpInboundEndpointSupportSpec.CrossOriginSpec allowCredentials(Boolean allowCredentials)

Whether the browser should include any cookies associated with the domain of the request being annotated.

Set to "false" if such cookies should not included.

Parameters:

allowCredentials - the boolean flag to include Access-Control-Allow-Credentials=true in pre-flight response or not

Returns:

the spec

maxAge

public HttpInboundEndpointSupportSpec.CrossOriginSpec maxAge(long maxAge)

The maximum age (in seconds) of the cache duration for pre-flight responses.

This property controls the value of the Access-Control-Max-Age header in the pre-flight response.

Parameters:

maxAge - the maximum age (in seconds) of the cache duration for pre-flight responses.

Returns:

the spec