|
Apache CXF API | |||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: REQUIRED | OPTIONAL | DETAIL: ELEMENT |
@Target(value={TYPE,METHOD}) @Retention(value=RUNTIME) @Inherited public @interface CrossOriginResourceSharing
Attach CORS information
to a resource. This annotation is read by CrossOriginResourceSharingFilter
.
If this annotation is present on a method, or
on the method's class (or its superclasses), then it completely
overrides any parameters set in CrossOriginResourceSharingFilter
.
If a particular parameter of this annotation is not specified, then the
default value is used, not the parameters of the filter.
Note that the CORS specification censors the headers on a
preflight OPTIONS request. As a result, the filter cannot determine
exactly which method corresponds to the request, and so uses only
class-level annotations to set policies.
Optional Element Summary | |
---|---|
boolean |
allowAllOrigins
If true, this resource will return |
boolean |
allowCredentials
If true, this resource will return |
String[] |
allowHeaders
A list of headers that the client may include in an actual request. |
String[] |
allowOrigins
A list of permitted origins. |
String[] |
exposeHeaders
A list of headers to return in Access-Control-Expose-Headers. |
int |
maxAge
The value to return in Access-Control-Max-Age. |
public abstract boolean allowAllOrigins
Access-Control-Allow-Origin: *for a valid request
public abstract String[] allowOrigins
allowAllOrigins()
returns true
public abstract String[] allowHeaders
public abstract boolean allowCredentials
Access-Control-Allow-Credentials: true
public abstract String[] exposeHeaders
public abstract int maxAge
|
Apache CXF API | |||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: REQUIRED | OPTIONAL | DETAIL: ELEMENT |