1 package net.sumaris.server.http.filter;
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25 import org.springframework.core.annotation.Order;
26 import org.springframework.stereotype.Component;
27
28 import javax.servlet.*;
29 import javax.servlet.http.HttpServletRequest;
30 import javax.servlet.http.HttpServletResponse;
31 import java.io.IOException;
32
33 @Component
34 @Order(0)
35 public class CORSFilter implements Filter {
36
37 @Override
38 public void init(FilterConfig filterConfig) throws ServletException {
39
40 }
41
42 @Override
43 public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
44 HttpServletRequest request = (HttpServletRequest) req;
45 HttpServletResponse response = (HttpServletResponse) res;
46
47 response.setHeader("Access-Control-Allow-Origin", request.getHeader("Origin"));
48 response.setHeader("Access-Control-Allow-Credentials", "true");
49 response.setHeader("Access-Control-Allow-Methods", "POST, GET, DELETE, PUT, OPTIONS");
50 response.setHeader("Access-Control-Max-Age", "3600");
51 response.setHeader("Access-Control-Allow-Headers", "accept, access-control-allow-origin, authorization, content-type");
52
53 if ("OPTIONS".equalsIgnoreCase(request.getMethod())) {
54 response.setStatus(HttpServletResponse.SC_OK);
55 } else {
56 chain.doFilter(req, res);
57 }
58 }
59
60 @Override
61 public void destroy() {
62
63 }
64 }