Class CorsFilter

java.lang.Object
org.forgerock.http.filter.cors.CorsFilter
All Implemented Interfaces:
Filter

public class CorsFilter extends Object implements Filter
This filters implements the resource processing of the CORS protocol.

When this filter is traversed by a request, it will process it differently if it is a non-CORS request, a CORS preflight request or an actual request:

  • Non-CORS requests are not rejected and are continued down the chain.

    Actual and Preflight requests are processed by a matching CorsPolicy.

The policy to be used is found dynamically with the help of a CorsPolicyProvider, that is given the request's Context so that it can find applicable policies based on knowledge computed by previous filters.

When a unique applicable policy cannot be found for a CORS request, then the failure handler is invoked.

See Also:
  • Constructor Details

    • CorsFilter

      public CorsFilter(CorsPolicyProvider provider, Handler failureHandler)
      Constructs a new CORS filter using the given CorsPolicyProvider and failureHandler.
      Parameters:
      provider - provides the CORS policies
      failureHandler - handler to be called on CORS failure
  • Method Details

    • filter

      public Promise<Response,NeverThrowsException> filter(Context context, Request request, Handler next)
      Description copied from interface: Filter
      Filters the request and/or response of an exchange. To pass the request to the next filter or handler in the chain, the filter calls next.handle(context, request).

      This method may elect not to pass the request to the next filter or handler, and instead handle the request itself. It can achieve this by merely avoiding a call to next.handle(context, request) and creating its own response object. The filter is also at liberty to replace a response with another of its own by intercepting the response returned by the next handler.

      Specified by:
      filter in interface Filter
      Parameters:
      context - The request context.
      request - The request.
      next - The next filter or handler in the chain to handle the request.
      Returns:
      A Promise representing the response to be returned to the client.