@Target(value={TYPE,METHOD}) @Retention(value=RUNTIME) @Inherited public @interface CrossOriginResourceSharing
CrossOriginResourceSharingFilter
.
If this annotation is present on a method, or
on the method's class (or its superclasses), then it completely
overrides any parameters set in CrossOriginResourceSharingFilter
.
If a particular parameter of this annotation is not specified, then the
default value is used, not the parameters of the filter.
Note that the CORS specification censors the headers on a
preflight OPTIONS request. As a result, the filter cannot determine
exactly which method corresponds to the request, and so uses only
class-level annotations to set policies.Modifier and Type | Optional Element and Description |
---|---|
boolean |
allowAllOrigins
If true, this resource will return
|
boolean |
allowCredentials
If true, this resource will return
|
String[] |
allowHeaders
A list of headers that the client may include
in an actual request.
|
String[] |
allowOrigins
A list of permitted origins.
|
String[] |
exposeHeaders
A list of headers to return in
Access-Control-Expose-Headers.
|
int |
maxAge
The value to return in Access-Control-Max-Age.
|
public abstract boolean allowAllOrigins
Access-Control-Allow-Origin: *for a valid request
public abstract String[] allowOrigins
allowAllOrigins()
returns truepublic abstract String[] allowHeaders
public abstract boolean allowCredentials
Access-Control-Allow-Credentials: true
public abstract String[] exposeHeaders
public abstract int maxAge
Apache CXF