public class CrossOriginFilter extends Object implements javax.servlet.Filter
A typical example is to use this filter to allow cross-domain cometd communication using the standard long polling transport instead of the JSONP transport (that is less efficient and less reactive to failures).
This filter allows the following configuration parameters:
If an allowed origin contains one or more * characters (for example http://*.domain.com), then "*" characters are converted to ".*", "." characters are escaped to "\." and the resulting allowed origin interpreted as a regular expression.
Allowed origins can therefore be more complex expressions such as https?://*.domain.[a-z]{3} that matches http or https, multiple subdomains and any 3 letter top-level domain (.com, .net, .org, etc.).
<web-app ...> ... <filter> <filter-name>cross-origin</filter-name> <filter-class>org.eclipse.jetty.servlets.CrossOriginFilter</filter-class> </filter> <filter-mapping> <filter-name>cross-origin</filter-name> <url-pattern>/cometd/*</url-pattern> </filter-mapping> ... </web-app>
Modifier and Type | Field and Description |
---|---|
static String |
ACCESS_CONTROL_ALLOW_CREDENTIALS_HEADER |
static String |
ACCESS_CONTROL_ALLOW_HEADERS_HEADER |
static String |
ACCESS_CONTROL_ALLOW_METHODS_HEADER |
static String |
ACCESS_CONTROL_ALLOW_ORIGIN_HEADER |
static String |
ACCESS_CONTROL_EXPOSE_HEADERS_HEADER |
static String |
ACCESS_CONTROL_MAX_AGE_HEADER |
static String |
ACCESS_CONTROL_REQUEST_HEADERS_HEADER |
static String |
ACCESS_CONTROL_REQUEST_METHOD_HEADER |
static String |
ALLOW_CREDENTIALS_PARAM |
static String |
ALLOWED_HEADERS_PARAM |
static String |
ALLOWED_METHODS_PARAM |
static String |
ALLOWED_ORIGINS_PARAM |
static String |
CHAIN_PREFLIGHT_PARAM |
static String |
EXPOSED_HEADERS_PARAM |
static String |
OLD_CHAIN_PREFLIGHT_PARAM |
static String |
PREFLIGHT_MAX_AGE_PARAM |
Constructor and Description |
---|
CrossOriginFilter() |
Modifier and Type | Method and Description |
---|---|
void |
destroy() |
void |
doFilter(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
javax.servlet.FilterChain chain) |
void |
init(javax.servlet.FilterConfig config) |
protected boolean |
isEnabled(javax.servlet.http.HttpServletRequest request) |
public static final String ACCESS_CONTROL_REQUEST_METHOD_HEADER
public static final String ACCESS_CONTROL_REQUEST_HEADERS_HEADER
public static final String ACCESS_CONTROL_ALLOW_ORIGIN_HEADER
public static final String ACCESS_CONTROL_ALLOW_METHODS_HEADER
public static final String ACCESS_CONTROL_ALLOW_HEADERS_HEADER
public static final String ACCESS_CONTROL_MAX_AGE_HEADER
public static final String ACCESS_CONTROL_ALLOW_CREDENTIALS_HEADER
public static final String ACCESS_CONTROL_EXPOSE_HEADERS_HEADER
public static final String ALLOWED_ORIGINS_PARAM
public static final String ALLOWED_METHODS_PARAM
public static final String ALLOWED_HEADERS_PARAM
public static final String PREFLIGHT_MAX_AGE_PARAM
public static final String ALLOW_CREDENTIALS_PARAM
public static final String EXPOSED_HEADERS_PARAM
public static final String OLD_CHAIN_PREFLIGHT_PARAM
public static final String CHAIN_PREFLIGHT_PARAM
public void init(javax.servlet.FilterConfig config) throws javax.servlet.ServletException
init
in interface javax.servlet.Filter
javax.servlet.ServletException
public void doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain) throws IOException, javax.servlet.ServletException
doFilter
in interface javax.servlet.Filter
IOException
javax.servlet.ServletException
protected boolean isEnabled(javax.servlet.http.HttpServletRequest request)
public void destroy()
destroy
in interface javax.servlet.Filter
Copyright © 1995-2015 Webtide. All Rights Reserved.