CorsConfig (Netty/Codec/HTTP 4.0.15.Final API)

java.lang.Object
- io.netty.handler.codec.http.cors.CorsConfig

```
public final class CorsConfig
extends Object
```
Configuration for Cross-Origin Resource Sharing (CORS).

Nested Class Summary

Nested Classes
Modifier and Type Class and Description

static class CorsConfig.Builder

Nested Classes
Modifier and Type	Class and Description
`static class`	`CorsConfig.Builder`

Method Summary

Methods
Modifier and Type	Method and Description
`Set<String>`	`allowedRequestHeaders()` Returns the allowed set of Request Headers.
`Set<HttpMethod>`	`allowedRequestMethods()` Returns the allowed set of Request Methods.
`static CorsConfig.Builder`	`anyOrigin()`
`Set<String>`	`exposedHeaders()` Returns a set of headers to be exposed to calling clients.
`boolean`	`isCorsSupportEnabled()` Determines if support for CORS is enabled.
`boolean`	`isCredentialsAllowed()` Determines if cookies are supported for CORS requests.
`boolean`	`isNullOriginAllowed()` Web browsers may set the 'Origin' request header to 'null' if a resource is loaded from the local file system.
`long`	`maxAge()` Gets the maxAge setting.
`String`	`origin()` Returns the allowed origin.
`String`	`toString()`
`static CorsConfig.Builder`	`withOrigin(String origin)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

- Method Detail
  - isCorsSupportEnabled
```
public boolean isCorsSupportEnabled()
```
    Determines if support for CORS is enabled.
    
    Returns:
    true if support for CORS is enabled, false otherwise.
  - origin
```
public String origin()
```
    Returns the allowed origin. This can either be a wildcard or an origin value.
    
    Returns:
    the value that will be used for the CORS response header 'Access-Control-Allow-Origin'
  - isNullOriginAllowed
```
public boolean isNullOriginAllowed()
```
    Web browsers may set the 'Origin' request header to 'null' if a resource is loaded from the local file system. If isNullOriginAllowed is true then the server will response with the wildcard for the the CORS response header 'Access-Control-Allow-Origin'.
    
    Returns:
    true if a 'null' origin should be supported.
  - exposedHeaders
```
public Set<String> exposedHeaders()
```
    Returns a set of headers to be exposed to calling clients. During a simple CORS request only certain response headers are made available by the browser, for example using:
```
 xhr.getResponseHeader("Content-Type");
 
```
    The headers that are available by default are:
    - Cache-Control
    - Content-Language
    - Content-Type
    - Expires
    - Last-Modified
    - Pragma
    To expose other headers they need to be specified which what this method enables by adding the headers to the CORS 'Access-Control-Expose-Headers' response header.
    Returns:
    List<String> a list of the headers to expose.
  - isCredentialsAllowed
```
public boolean isCredentialsAllowed()
```
    Determines if cookies are supported for CORS requests. By default cookies are not included in CORS requests but if isCredentialsAllowed returns true cookies will be added to CORS requests. Setting this value to true will set the CORS 'Access-Control-Allow-Credentials' response header to true.
    
    Returns:
    true if cookies are supported.
  - maxAge
```
public long maxAge()
```
    Gets the maxAge setting. When making a preflight request the client has to perform two request with can be inefficient. This setting will set the CORS 'Access-Control-Max-Age' response header and enables the caching of the preflight response for the specified time. During this time no preflight request will be made.
    
    Returns:
    long the time in seconds that a preflight request may be cached.
  - allowedRequestMethods
```
public Set<HttpMethod> allowedRequestMethods()
```
    Returns the allowed set of Request Methods. The Http methods that should be returned in the CORS 'Access-Control-Request-Method' response header.
    
    Returns:
    Set strings that represent the allowed Request Methods.
  - allowedRequestHeaders
```
public Set<String> allowedRequestHeaders()
```
    Returns the allowed set of Request Headers. The header names returned from this method will be used to set the CORS 'Access-Control-Allow-Headers' response header.
    
    Returns:
    Set of strings that represent the allowed Request Headers.
  - toString
```
public String toString()
```
    Overrides:
    
    toString in class Object
  - anyOrigin
```
public static CorsConfig.Builder anyOrigin()
```
  - withOrigin
```
public static CorsConfig.Builder withOrigin(String origin)
```

Class CorsConfig

Nested Class Summary

Method Summary

Methods inherited from class java.lang.Object

Method Detail

isCorsSupportEnabled

origin

isNullOriginAllowed

exposedHeaders

isCredentialsAllowed

maxAge

allowedRequestMethods

allowedRequestHeaders

toString

anyOrigin

withOrigin