here it is:
public class JaxrsCorsInputFilter implements RequestHandler {
final static String HEADER_ORIGIN = "origin";
@Context
private HttpHeaders headers;
private List<String> allowedOrigins;
public void setAllowedOrigins(List<String> allowedOrigins) {
this.allowedOrigins = allowedOrigins;
}
@Override
public Response handleRequest(Message m, ClassResourceInfo
resourceClass) {
if ("OPTIONS".equals(m.get(Message.HTTP_REQUEST_METHOD))) {
OperationResourceInfo opResInfo =
m.getExchange().get(OperationResourceInfo.class);
if (opResInfo != null) { // OPTIONS method defined in service
bean
return null; // continue handling
}
return Response.status(Status.SERVICE_UNAVAILABLE).build();
}
List<String> values = headers.getRequestHeader(HEADER_ORIGIN);
if (values != null ) {
boolean allowed = true;
if (allowedOrigins != null) {
allowed = allowedOrigins.containsAll(values);
}
if (allowed) {
m.getExchange().put(HEADER_ORIGIN, values);
}
}
return null;
}
}
--
View this message in context:
http://cxf.547215.n5.nabble.com/CORS-tp4970153p5001897.html
Sent from the cxf-dev mailing list archive at Nabble.com.
