Interface SpincastFilters<R extends RequestContext<?>>
- All Known Implementing Classes:
SpincastFiltersDefault
-
Method Summary
Modifier and TypeMethodDescriptionvoid
addDefaultGlobalTemplateVariables
(R context) Adds some default variables so they are available to any template rendering (in a request scope).void
addSecurityHeaders
(R context) Adds some recommended security headers.void
void
void
void
void
Cross-Origin Resource Sharing (Cors) handling.void
Cross-Origin Resource Sharing (Cors) handling.void
Cross-Origin Resource Sharing (Cors) handling.void
cors
(R context, Set<String> allowedOrigins, Set<String> extraHeadersAllowedToBeRead, Set<String> extraHeadersAllowedToBeSent) Cross-Origin Resource Sharing (Cors) handling.void
cors
(R context, Set<String> allowedOrigins, Set<String> extraHeadersAllowedToBeRead, Set<String> extraHeadersAllowedToBeSent, boolean allowCookies) Cross-Origin Resource Sharing (Cors) handling.void
cors
(R context, Set<String> allowedOrigins, Set<String> extraHeadersAllowedToBeRead, Set<String> extraHeadersAllowedToBeSent, boolean allowCookies, Set<HttpMethod> allowedMethods) Cross-Origin Resource Sharing (Cors) handling.void
cors
(R context, Set<String> allowedOrigins, Set<String> extraHeadersAllowedToBeRead, Set<String> extraHeadersAllowedToBeSent, boolean allowCookies, Set<HttpMethod> allowedMethods, int maxAgeInSeconds) Cross-Origin Resource Sharing (Cors) handling.boolean
saveGeneratedResource
(R context, String pathForGeneratedResource) Used by Spincast to save a "dynamic resource" once it is generated.
-
Method Details
-
saveGeneratedResource
Used by Spincast to save a "dynamic resource" once it is generated.- Returns:
- true if the resource was succesfully saved on disk.
-
addSecurityHeaders
Adds some recommended security headers. -
cors
Cross-Origin Resource Sharing (Cors) handling.This overload allows all origins, allows cookies, allows all HTTP methods, all headers will be allowed to be sent by the browser, but no extra headers will be available to be read by the browser.
By default, only those headers are available to be read :
- Cache-Control
- Content-Language
- Content-Type
- Expires
- Last-Modified
- Pragma
Send a Max-Age of 24h. The Max-Age is the maximum number of seconds a preflight response can be cached without querying again.
If you want to allow everything AND to add extra headers to be read, use :
cors(context, Sets.newHashSet("*"), Sets.newHashSet("extra-header-to-read1", "extra-header-to-read2"));
-
cors
Cross-Origin Resource Sharing (Cors) handling.This overload allows allows cookies, allows all HTTP methods for the specified origins, all headers will be allowed to be sent by the browser, but no extra headers will be available to be read by the browser.
By default, only those headers are available to be read :
- Cache-Control
- Content-Language
- Content-Type
- Expires
- Last-Modified
- Pragma
Send a Max-Age of 24h. The Max-Age is the maximum number of seconds a preflight response can be cached without querying again.
If you want to allow everything for those origins AND to add extra headers to be read, use : cors(context, allowedOrigins, Sets.newHashSet("extra-header-to-read1", "extra-header-to-read2"));- Parameters:
allowedOrigins
- The origins to allow ("http://api.bob.com" for example). If one of the origins is "*", then all origins will be allowed!
-
cors
Cross-Origin Resource Sharing (Cors) handling.This overload allows cookies, allows all HTTP methods and all headers will be allowed to be sent by the browser, for the specified origins.
Send a Max-Age of 24h. The Max-Age is the maximum number of seconds a preflight response can be cached without querying again.
- Parameters:
allowedOrigins
- The origins to allow ("http://api.bob.com" for example). If one of the origins is "*", then all origins will be allowed!extraHeadersAllowedToBeRead
- The extra headers the browser will have permission to read from the response. By default, only those headers are available : Cache-Control Content-Language Content-Type Expires Last-Modified Pragma
-
cors
void cors(R context, Set<String> allowedOrigins, Set<String> extraHeadersAllowedToBeRead, Set<String> extraHeadersAllowedToBeSent) Cross-Origin Resource Sharing (Cors) handling.This overload allows all cookies and all HTTP methods, for the specified origins.
Send a Max-Age of 24h. The Max-Age is the maximum number of seconds a preflight response can be cached without querying again.
- Parameters:
allowedOrigins
- The origins to allow ("http://api.bob.com" for example). If one of the origins is "*", then all origins will be allowed!extraHeadersAllowedToBeRead
- The extra headers the browser will have permission to read from the response. By default, only those headers are exposed : Cache-Control Content-Language Content-Type Expires Last-Modified PragmaextraHeadersAllowedToBeSent
- The extra headers the browser will be allowed to send with the actual (post preflight) request.allowCookies
- Should cookies be allowed?
-
cors
void cors(R context, Set<String> allowedOrigins, Set<String> extraHeadersAllowedToBeRead, Set<String> extraHeadersAllowedToBeSent, boolean allowCookies) Cross-Origin Resource Sharing (Cors) handling.This overload allows all HTTP methods, for the specified origins.
Send a Max-Age of 24h. The Max-Age is the maximum number of seconds a preflight response can be cached without querying again.
- Parameters:
allowedOrigins
- The origins to allow ("http://api.bob.com" for example). If one of the origins is "*", then all origins will be allowed!extraHeadersAllowedToBeRead
- The extra headers the browser will have permission to read from the response. By default, only those headers are exposed : Cache-Control Content-Language Content-Type Expires Last-Modified PragmaextraHeadersAllowedToBeSent
- The extra headers the browser will be allowed to send with the actual (post preflight) request.allowCookies
- Should cookies be allowed?
-
cors
void cors(R context, Set<String> allowedOrigins, Set<String> extraHeadersAllowedToBeRead, Set<String> extraHeadersAllowedToBeSent, boolean allowCookies, Set<HttpMethod> allowedMethods) Cross-Origin Resource Sharing (Cors) handling.Send a Max-Age of 24h. The Max-Age is the maximum number of seconds a preflight response can be cached without querying again.
- Parameters:
allowedOrigins
- The origins to allow ("http://api.bob.com" for example). If one of the origins is "*", then all origins are allowed!extraHeadersAllowedToBeRead
- The extra headers the browser will have permission to read from the response. By default, only those headers are available : Cache-Control Content-Language Content-Type Expires Last-Modified PragmaextraHeadersAllowedToBeSent
- The extra headers the browser will be allowed to send with the actual (post preflight) request. If one of the headers is "*", then all headers are allowed to be sent!allowCookies
- Should cookies be allowed?allowedMethods
- The HTTP method allowed. "OPTIONS" will be addded if not specified, as it should always be allowed.
-
cors
void cors(R context, Set<String> allowedOrigins, Set<String> extraHeadersAllowedToBeRead, Set<String> extraHeadersAllowedToBeSent, boolean allowCookies, Set<HttpMethod> allowedMethods, int maxAgeInSeconds) Cross-Origin Resource Sharing (Cors) handling.- Parameters:
allowedOrigins
- The origins to allow ("http://api.bob.com" for example). If one of the origins is "*", then all origins are allowed!extraHeadersAllowedToBeRead
- The extra headers the browser will have permission to read from the response. By default, only those headers are available : Cache-Control Content-Language Content-Type Expires Last-Modified PragmaextraHeadersAllowedToBeSent
- The extra headers the browser will be allowed to send with the actual (post preflight) request. If one of the headers is "*", then all headers are allowed to be sent!allowCookies
- Should cookies be allowed?allowedMethods
- The HTTP method allowed. "OPTIONS" will be addded if not specified, as it should always be allowed.maxAgeInSeconds
- The maximum number of seconds a preflight response can be cached without querying again. If <= 0, the "Access-Control-Max-Age" header won't be sent.
-
cache
-
cache
-
cache
-
cache
-
addDefaultGlobalTemplateVariables
Adds some default variables so they are available to any template rendering (in a request scope).
-