Interface SpincastFilters<R extends RequestContext<?>>

All Known Implementing Classes:
SpincastFiltersDefault

public interface SpincastFilters<R extends RequestContext<?>>
Some filters provided by Spincast.
  • Method Summary

    Modifier and Type
    Method
    Description
    void
    Adds some default variables so they are available to any template rendering (in a request scope).
    void
    Adds some recommended security headers.
    void
    cache(R context)
     
    void
    cache(R context, int seconds)
     
    void
    cache(R context, int seconds, boolean isPrivate)
     
    void
    cache(R context, int seconds, boolean isPrivate, Integer cdnSeconds)
     
    void
    cors(R context)
    Cross-Origin Resource Sharing (Cors) handling.
    void
    cors(R context, Set<String> allowedOrigins)
    Cross-Origin Resource Sharing (Cors) handling.
    void
    cors(R context, Set<String> allowedOrigins, Set<String> extraHeadersAllowedToBeRead)
    Cross-Origin Resource Sharing (Cors) handling.
    void
    cors(R context, Set<String> allowedOrigins, Set<String> extraHeadersAllowedToBeRead, Set<String> extraHeadersAllowedToBeSent)
    Cross-Origin Resource Sharing (Cors) handling.
    void
    cors(R context, Set<String> allowedOrigins, Set<String> extraHeadersAllowedToBeRead, Set<String> extraHeadersAllowedToBeSent, boolean allowCookies)
    Cross-Origin Resource Sharing (Cors) handling.
    void
    cors(R context, Set<String> allowedOrigins, Set<String> extraHeadersAllowedToBeRead, Set<String> extraHeadersAllowedToBeSent, boolean allowCookies, Set<HttpMethod> allowedMethods)
    Cross-Origin Resource Sharing (Cors) handling.
    void
    cors(R context, Set<String> allowedOrigins, Set<String> extraHeadersAllowedToBeRead, Set<String> extraHeadersAllowedToBeSent, boolean allowCookies, Set<HttpMethod> allowedMethods, int maxAgeInSeconds)
    Cross-Origin Resource Sharing (Cors) handling.
    boolean
    saveGeneratedResource(R context, String pathForGeneratedResource)
    Used by Spincast to save a "dynamic resource" once it is generated.
  • Method Details

    • saveGeneratedResource

      boolean saveGeneratedResource(R context, String pathForGeneratedResource)
      Used by Spincast to save a "dynamic resource" once it is generated.
      Returns:
      true if the resource was succesfully saved on disk.
    • addSecurityHeaders

      void addSecurityHeaders(R context)
      Adds some recommended security headers.
    • cors

      void cors(R context)
      Cross-Origin Resource Sharing (Cors) handling.

      This overload allows all origins, allows cookies, allows all HTTP methods, all headers will be allowed to be sent by the browser, but no extra headers will be available to be read by the browser.

      By default, only those headers are available to be read :

      • Cache-Control
      • Content-Language
      • Content-Type
      • Expires
      • Last-Modified
      • Pragma

      Send a Max-Age of 24h. The Max-Age is the maximum number of seconds a preflight response can be cached without querying again.

      If you want to allow everything AND to add extra headers to be read, use :

      cors(context, Sets.newHashSet("*"), Sets.newHashSet("extra-header-to-read1", "extra-header-to-read2"));

    • cors

      void cors(R context, Set<String> allowedOrigins)
      Cross-Origin Resource Sharing (Cors) handling.

      This overload allows allows cookies, allows all HTTP methods for the specified origins, all headers will be allowed to be sent by the browser, but no extra headers will be available to be read by the browser.

      By default, only those headers are available to be read :

      • Cache-Control
      • Content-Language
      • Content-Type
      • Expires
      • Last-Modified
      • Pragma

      Send a Max-Age of 24h. The Max-Age is the maximum number of seconds a preflight response can be cached without querying again.

      If you want to allow everything for those origins AND to add extra headers to be read, use : cors(context, allowedOrigins, Sets.newHashSet("extra-header-to-read1", "extra-header-to-read2"));
      Parameters:
      allowedOrigins - The origins to allow ("http://api.bob.com" for example). If one of the origins is "*", then all origins will be allowed!
    • cors

      void cors(R context, Set<String> allowedOrigins, Set<String> extraHeadersAllowedToBeRead)
      Cross-Origin Resource Sharing (Cors) handling.

      This overload allows cookies, allows all HTTP methods and all headers will be allowed to be sent by the browser, for the specified origins.

      Send a Max-Age of 24h. The Max-Age is the maximum number of seconds a preflight response can be cached without querying again.

      Parameters:
      allowedOrigins - The origins to allow ("http://api.bob.com" for example). If one of the origins is "*", then all origins will be allowed!
      extraHeadersAllowedToBeRead - The extra headers the browser will have permission to read from the response. By default, only those headers are available : Cache-Control Content-Language Content-Type Expires Last-Modified Pragma
    • cors

      void cors(R context, Set<String> allowedOrigins, Set<String> extraHeadersAllowedToBeRead, Set<String> extraHeadersAllowedToBeSent)
      Cross-Origin Resource Sharing (Cors) handling.

      This overload allows all cookies and all HTTP methods, for the specified origins.

      Send a Max-Age of 24h. The Max-Age is the maximum number of seconds a preflight response can be cached without querying again.

      Parameters:
      allowedOrigins - The origins to allow ("http://api.bob.com" for example). If one of the origins is "*", then all origins will be allowed!
      extraHeadersAllowedToBeRead - The extra headers the browser will have permission to read from the response. By default, only those headers are exposed : Cache-Control Content-Language Content-Type Expires Last-Modified Pragma
      extraHeadersAllowedToBeSent - The extra headers the browser will be allowed to send with the actual (post preflight) request.
      allowCookies - Should cookies be allowed?
    • cors

      void cors(R context, Set<String> allowedOrigins, Set<String> extraHeadersAllowedToBeRead, Set<String> extraHeadersAllowedToBeSent, boolean allowCookies)
      Cross-Origin Resource Sharing (Cors) handling.

      This overload allows all HTTP methods, for the specified origins.

      Send a Max-Age of 24h. The Max-Age is the maximum number of seconds a preflight response can be cached without querying again.

      Parameters:
      allowedOrigins - The origins to allow ("http://api.bob.com" for example). If one of the origins is "*", then all origins will be allowed!
      extraHeadersAllowedToBeRead - The extra headers the browser will have permission to read from the response. By default, only those headers are exposed : Cache-Control Content-Language Content-Type Expires Last-Modified Pragma
      extraHeadersAllowedToBeSent - The extra headers the browser will be allowed to send with the actual (post preflight) request.
      allowCookies - Should cookies be allowed?
    • cors

      void cors(R context, Set<String> allowedOrigins, Set<String> extraHeadersAllowedToBeRead, Set<String> extraHeadersAllowedToBeSent, boolean allowCookies, Set<HttpMethod> allowedMethods)
      Cross-Origin Resource Sharing (Cors) handling.

      Send a Max-Age of 24h. The Max-Age is the maximum number of seconds a preflight response can be cached without querying again.

      Parameters:
      allowedOrigins - The origins to allow ("http://api.bob.com" for example). If one of the origins is "*", then all origins are allowed!
      extraHeadersAllowedToBeRead - The extra headers the browser will have permission to read from the response. By default, only those headers are available : Cache-Control Content-Language Content-Type Expires Last-Modified Pragma
      extraHeadersAllowedToBeSent - The extra headers the browser will be allowed to send with the actual (post preflight) request. If one of the headers is "*", then all headers are allowed to be sent!
      allowCookies - Should cookies be allowed?
      allowedMethods - The HTTP method allowed. "OPTIONS" will be addded if not specified, as it should always be allowed.
    • cors

      void cors(R context, Set<String> allowedOrigins, Set<String> extraHeadersAllowedToBeRead, Set<String> extraHeadersAllowedToBeSent, boolean allowCookies, Set<HttpMethod> allowedMethods, int maxAgeInSeconds)
      Cross-Origin Resource Sharing (Cors) handling.
      Parameters:
      allowedOrigins - The origins to allow ("http://api.bob.com" for example). If one of the origins is "*", then all origins are allowed!
      extraHeadersAllowedToBeRead - The extra headers the browser will have permission to read from the response. By default, only those headers are available : Cache-Control Content-Language Content-Type Expires Last-Modified Pragma
      extraHeadersAllowedToBeSent - The extra headers the browser will be allowed to send with the actual (post preflight) request. If one of the headers is "*", then all headers are allowed to be sent!
      allowCookies - Should cookies be allowed?
      allowedMethods - The HTTP method allowed. "OPTIONS" will be addded if not specified, as it should always be allowed.
      maxAgeInSeconds - The maximum number of seconds a preflight response can be cached without querying again. If <= 0, the "Access-Control-Max-Age" header won't be sent.
    • cache

      void cache(R context)
    • cache

      void cache(R context, int seconds)
    • cache

      void cache(R context, int seconds, boolean isPrivate)
    • cache

      void cache(R context, int seconds, boolean isPrivate, Integer cdnSeconds)
    • addDefaultGlobalTemplateVariables

      void addDefaultGlobalTemplateVariables(R context)
      Adds some default variables so they are available to any template rendering (in a request scope).