From f5e94d27e0a326f1ddda306d1c3bd1ed860f043f Mon Sep 17 00:00:00 2001 From: Ngoc Dao Date: Fri, 28 Sep 2012 17:19:50 +0900 Subject: [PATCH 1/2] Add CORS headers http://en.wikipedia.org/wiki/Cross-origin_resource_sharing https://developer.mozilla.org/en-US/docs/HTTP_access_control --- .../netty/handler/codec/http/HttpHeaders.java | 43 +++++++++++++++++++ 1 file changed, 43 insertions(+) diff --git a/codec-http/src/main/java/io/netty/handler/codec/http/HttpHeaders.java b/codec-http/src/main/java/io/netty/handler/codec/http/HttpHeaders.java index 7ee60973f2..d7033f9533 100644 --- a/codec-http/src/main/java/io/netty/handler/codec/http/HttpHeaders.java +++ b/codec-http/src/main/java/io/netty/handler/codec/http/HttpHeaders.java @@ -327,6 +327,49 @@ public class HttpHeaders { */ public static final String WWW_AUTHENTICATE = "WWW-Authenticate"; + // CORS: + // http://en.wikipedia.org/wiki/Cross-origin_resource_sharing + // https://developer.mozilla.org/en-US/docs/HTTP_access_control + + // CORS response headers + + /** + * {@code "Access-Control-Allow-Origin"} + */ + public static final String ACCESS_CONTROL_ALLOW_ORIGIN = "Access-Control-Allow-Origin"; + /** + * {@code "Access-Control-Expose-Headers"} + */ + public static final String ACCESS_CONTROL_EXPOSE_HEADERS = "Access-Control-Expose-Headers"; + /** + * {@code "Access-Control-Max-Age"} + */ + public static final String ACCESS_CONTROL_MAX_AGE = "Access-Control-Max-Age"; + /** + * {@code "Access-Control-Allow-Credentials"} + */ + public static final String ACCESS_CONTROL_ALLOW_CREDENTIALS = "Access-Control-Allow-Credentials"; + /** + * {@code "Access-Control-Allow-Methods"} + */ + public static final String ACCESS_CONTROL_ALLOW_METHODS = "Access-Control-Allow-Methods"; + /** + * {@code "Access-Control-Allow-Headers"} + */ + public static final String ACCESS_CONTROL_ALLOW_HEADERS = "Access-Control-Allow-Headers"; + + // CORS request headers + // "Origin" has already been declared above + + /** + * {@code "Access-Control-Request-Method"} + */ + public static final String ACCESS_CONTROL_REQUEST_METHODS = "Access-Control-Request-Method"; + /** + * {@code "Access-Control-Request-Headers"} + */ + public static final String ACCESS_CONTROL_REQUEST_HEADERS = "Access-Control-Request-Headers"; + private Names() { } } From 7751daf2a47fc08f75469a83057aafca8de84c40 Mon Sep 17 00:00:00 2001 From: Ngoc Dao Date: Fri, 28 Sep 2012 19:18:21 +0900 Subject: [PATCH 2/2] Add ACCESS_CONTROL_EXPOSE_HEADERS --- .../netty/handler/codec/http/HttpHeaders.java | 52 +++---------------- 1 file changed, 8 insertions(+), 44 deletions(-) diff --git a/codec-http/src/main/java/io/netty/handler/codec/http/HttpHeaders.java b/codec-http/src/main/java/io/netty/handler/codec/http/HttpHeaders.java index d7033f9533..769d03c190 100644 --- a/codec-http/src/main/java/io/netty/handler/codec/http/HttpHeaders.java +++ b/codec-http/src/main/java/io/netty/handler/codec/http/HttpHeaders.java @@ -34,7 +34,10 @@ import java.util.TreeSet; public class HttpHeaders { /** - * Standard HTTP header names. + * Standard and CORS HTTP header names. + * For CORS headers, see + * https://developer.mozilla.org/en-US/docs/HTTP_access_control + * * @apiviz.stereotype static */ public static final class Names { @@ -78,6 +81,10 @@ public class HttpHeaders { * {@code "Access-Control-Allow-Origin"} */ public static final String ACCESS_CONTROL_ALLOW_ORIGIN = "Access-Control-Allow-Origin"; + /** + * {@code "Access-Control-Expose-Headers"} + */ + public static final String ACCESS_CONTROL_EXPOSE_HEADERS = "Access-Control-Expose-Headers"; /** * {@code "Access-Control-Max-Age"} */ @@ -327,49 +334,6 @@ public class HttpHeaders { */ public static final String WWW_AUTHENTICATE = "WWW-Authenticate"; - // CORS: - // http://en.wikipedia.org/wiki/Cross-origin_resource_sharing - // https://developer.mozilla.org/en-US/docs/HTTP_access_control - - // CORS response headers - - /** - * {@code "Access-Control-Allow-Origin"} - */ - public static final String ACCESS_CONTROL_ALLOW_ORIGIN = "Access-Control-Allow-Origin"; - /** - * {@code "Access-Control-Expose-Headers"} - */ - public static final String ACCESS_CONTROL_EXPOSE_HEADERS = "Access-Control-Expose-Headers"; - /** - * {@code "Access-Control-Max-Age"} - */ - public static final String ACCESS_CONTROL_MAX_AGE = "Access-Control-Max-Age"; - /** - * {@code "Access-Control-Allow-Credentials"} - */ - public static final String ACCESS_CONTROL_ALLOW_CREDENTIALS = "Access-Control-Allow-Credentials"; - /** - * {@code "Access-Control-Allow-Methods"} - */ - public static final String ACCESS_CONTROL_ALLOW_METHODS = "Access-Control-Allow-Methods"; - /** - * {@code "Access-Control-Allow-Headers"} - */ - public static final String ACCESS_CONTROL_ALLOW_HEADERS = "Access-Control-Allow-Headers"; - - // CORS request headers - // "Origin" has already been declared above - - /** - * {@code "Access-Control-Request-Method"} - */ - public static final String ACCESS_CONTROL_REQUEST_METHODS = "Access-Control-Request-Method"; - /** - * {@code "Access-Control-Request-Headers"} - */ - public static final String ACCESS_CONTROL_REQUEST_HEADERS = "Access-Control-Request-Headers"; - private Names() { } }