Package org.spincast.core.filters

Class SpincastFiltersDefault<R extends RequestContext<?>>

java.lang.Object
org.spincast.core.filters.SpincastFiltersDefault<R>
All Implemented Interfaces:
SpincastFilters<R>
public class SpincastFiltersDefault<R extends RequestContext<?>> extends Object implements SpincastFilters<R>
Spincast filters implementations.

  • Field Details

    • logger

      protected static final org.slf4j.Logger logger

  • Constructor Details

  • Method Details

    • getCorsFilter

      protected CorsFilter getCorsFilter()

    • getSpincastConfig

      protected SpincastConfig getSpincastConfig()

    • getServer

      protected Server getServer()

    • getSpincastUtils

      protected SpincastUtils getSpincastUtils()

    • saveGeneratedResource

      public boolean saveGeneratedResource(R context, String pathForGeneratedResource)
      Description copied from interface: SpincastFilters
      Used by Spincast to save a "dynamic resource" once it is generated.
      Specified by:
      saveGeneratedResource in interface SpincastFilters<R extends RequestContext<?>>
      Returns:
      true if the resource was succesfully saved on disk.

    • addSecurityHeaders

      public void addSecurityHeaders(R context)
      Description copied from interface: SpincastFilters
      Adds some recommended security headers.
      Specified by:
      addSecurityHeaders in interface SpincastFilters<R extends RequestContext<?>>

    • cors

      public void cors(R context)
      Description copied from interface: SpincastFilters
      Cross-Origin Resource Sharing (Cors) handling.

      This overload allows all origins, allows cookies, allows all HTTP methods, all headers will be allowed to be sent by the browser, but no extra headers will be available to be read by the browser.

      By default, only those headers are available to be read :

      • Cache-Control
      • Content-Language
      • Content-Type
      • Expires
      • Last-Modified
      • Pragma

      Send a Max-Age of 24h. The Max-Age is the maximum number of seconds a preflight response can be cached without querying again.

      If you want to allow everything AND to add extra headers to be read, use :

      cors(context, Sets.newHashSet("*"), Sets.newHashSet("extra-header-to-read1", "extra-header-to-read2"));

      Specified by:
      cors in interface SpincastFilters<R extends RequestContext<?>>

    • cors

      public void cors(R context, Set<String> allowedOrigins)
      Description copied from interface: SpincastFilters
      Cross-Origin Resource Sharing (Cors) handling.

      This overload allows allows cookies, allows all HTTP methods for the specified origins, all headers will be allowed to be sent by the browser, but no extra headers will be available to be read by the browser.

      By default, only those headers are available to be read :

      • Cache-Control
      • Content-Language
      • Content-Type
      • Expires
      • Last-Modified
      • Pragma

      Send a Max-Age of 24h. The Max-Age is the maximum number of seconds a preflight response can be cached without querying again.

      If you want to allow everything for those origins AND to add extra headers to be read, use : cors(context, allowedOrigins, Sets.newHashSet("extra-header-to-read1", "extra-header-to-read2"));
      Specified by:
      cors in interface SpincastFilters<R extends RequestContext<?>>
      allowedOrigins - The origins to allow ("http://api.bob.com" for example). If one of the origins is "*", then all origins will be allowed!

    • cors

      public void cors(R context, Set<String> allowedOrigins, Set<String> extraHeadersAllowedToBeRead)
      Description copied from interface: SpincastFilters
      Cross-Origin Resource Sharing (Cors) handling.

      This overload allows cookies, allows all HTTP methods and all headers will be allowed to be sent by the browser, for the specified origins.

      Send a Max-Age of 24h. The Max-Age is the maximum number of seconds a preflight response can be cached without querying again.

      Specified by:
      cors in interface SpincastFilters<R extends RequestContext<?>>
      allowedOrigins - The origins to allow ("http://api.bob.com" for example). If one of the origins is "*", then all origins will be allowed!
      extraHeadersAllowedToBeRead - The extra headers the browser will have permission to read from the response. By default, only those headers are available : Cache-Control Content-Language Content-Type Expires Last-Modified Pragma

    • cors

      public void cors(R context, Set<String> allowedOrigins, Set<String> extraHeadersAllowedToBeRead, Set<String> extraHeadersAllowedToBeSent)
      Description copied from interface: SpincastFilters
      Cross-Origin Resource Sharing (Cors) handling.

      This overload allows all cookies and all HTTP methods, for the specified origins.

      Send a Max-Age of 24h. The Max-Age is the maximum number of seconds a preflight response can be cached without querying again.

      Specified by:
      cors in interface SpincastFilters<R extends RequestContext<?>>
      allowedOrigins - The origins to allow ("http://api.bob.com" for example). If one of the origins is "*", then all origins will be allowed!
      extraHeadersAllowedToBeRead - The extra headers the browser will have permission to read from the response. By default, only those headers are exposed : Cache-Control Content-Language Content-Type Expires Last-Modified Pragma
      extraHeadersAllowedToBeSent - The extra headers the browser will be allowed to send with the actual (post preflight) request.

    • cors

      public void cors(R context, Set<String> allowedOrigins, Set<String> extraHeadersAllowedToBeRead, Set<String> extraHeadersAllowedToBeSent, boolean allowCookies)
      Description copied from interface: SpincastFilters
      Cross-Origin Resource Sharing (Cors) handling.

      This overload allows all HTTP methods, for the specified origins.

      Send a Max-Age of 24h. The Max-Age is the maximum number of seconds a preflight response can be cached without querying again.

      Specified by:
      cors in interface SpincastFilters<R extends RequestContext<?>>
      allowedOrigins - The origins to allow ("http://api.bob.com" for example). If one of the origins is "*", then all origins will be allowed!
      extraHeadersAllowedToBeRead - The extra headers the browser will have permission to read from the response. By default, only those headers are exposed : Cache-Control Content-Language Content-Type Expires Last-Modified Pragma
      extraHeadersAllowedToBeSent - The extra headers the browser will be allowed to send with the actual (post preflight) request.
      allowCookies - Should cookies be allowed?

    • cors

      public void cors(R context, Set<String> allowedOrigins, Set<String> extraHeadersAllowedToBeRead, Set<String> extraHeadersAllowedToBeSent, boolean allowCookies, Set<HttpMethod> allowedMethods)
      Description copied from interface: SpincastFilters
      Cross-Origin Resource Sharing (Cors) handling.

      Send a Max-Age of 24h. The Max-Age is the maximum number of seconds a preflight response can be cached without querying again.

      Specified by:
      cors in interface SpincastFilters<R extends RequestContext<?>>
      allowedOrigins - The origins to allow ("http://api.bob.com" for example). If one of the origins is "*", then all origins are allowed!
      extraHeadersAllowedToBeRead - The extra headers the browser will have permission to read from the response. By default, only those headers are available : Cache-Control Content-Language Content-Type Expires Last-Modified Pragma
      extraHeadersAllowedToBeSent - The extra headers the browser will be allowed to send with the actual (post preflight) request. If one of the headers is "*", then all headers are allowed to be sent!
      allowCookies - Should cookies be allowed?
      allowedMethods - The HTTP method allowed. "OPTIONS" will be addded if not specified, as it should always be allowed.

    • cors

      public void cors(R context, Set<String> allowedOrigins, Set<String> extraHeadersAllowedToBeRead, Set<String> extraHeadersAllowedToBeSent, boolean allowCookies, Set<HttpMethod> allowedMethods, int maxAgeInSeconds)
      Description copied from interface: SpincastFilters
      Cross-Origin Resource Sharing (Cors) handling.
      Specified by:
      cors in interface SpincastFilters<R extends RequestContext<?>>
      allowedOrigins - The origins to allow ("http://api.bob.com" for example). If one of the origins is "*", then all origins are allowed!
      extraHeadersAllowedToBeRead - The extra headers the browser will have permission to read from the response. By default, only those headers are available : Cache-Control Content-Language Content-Type Expires Last-Modified Pragma
      extraHeadersAllowedToBeSent - The extra headers the browser will be allowed to send with the actual (post preflight) request. If one of the headers is "*", then all headers are allowed to be sent!
      allowCookies - Should cookies be allowed?
      allowedMethods - The HTTP method allowed. "OPTIONS" will be addded if not specified, as it should always be allowed.
      maxAgeInSeconds - The maximum number of seconds a preflight response can be cached without querying again. If <= 0, the "Access-Control-Max-Age" header won't be sent.

    • createCorsFilterClient

      protected CorsFilterClient createCorsFilterClient(R context, Set<String> allowedOrigins, Set<String> extraHeadersAllowedToBeRead, Set<String> extraHeadersAllowedToBeSent, boolean allowCookies, Set<HttpMethod> allowedMethods, int maxAgeInSeconds)
      Creates a client for the cors filter.

    • getCorsDefaultMaxAgeInSeconds

      protected int getCorsDefaultMaxAgeInSeconds()
      If <= 0, the "Access-Control-Max-Age" header won't be sent.

    • getCorsDefaultAllowedOrigins

      protected Set<String> getCorsDefaultAllowedOrigins()
      The origins allowed, by default.

    • getCorsDefaultExtraHeadersAllowedToBeRead

      protected Set<String> getCorsDefaultExtraHeadersAllowedToBeRead()
      The extra headers allowed to be read, by default,

    • getCorsDefaultExtraHeadersAllowedToBeSent

      protected Set<String> getCorsDefaultExtraHeadersAllowedToBeSent()
      The extra headers allowed to be sent, by default,

    • getCorsDefaultIsCookiesAllowed

      protected boolean getCorsDefaultIsCookiesAllowed()
      Are cookies allowed by default?

    • getCorsDefaultAllowedMethods

      protected Set<HttpMethod> getCorsDefaultAllowedMethods()
      The HTTP methods allowed by default.

    • cache

      public void cache(R context)
      Specified by:
      cache in interface SpincastFilters<R extends RequestContext<?>>

    • cache

      public void cache(R context, int seconds)
      Specified by:
      cache in interface SpincastFilters<R extends RequestContext<?>>

    • cache

      public void cache(R context, int seconds, boolean isPrivate)
      Specified by:
      cache in interface SpincastFilters<R extends RequestContext<?>>

    • cache

      public void cache(R context, int seconds, boolean isPrivate, Integer cdnSeconds)
      Specified by:
      cache in interface SpincastFilters<R extends RequestContext<?>>

    • getCacheSecondsByDefault

      protected int getCacheSecondsByDefault()

    • isCachePrivateByDefault

      protected boolean isCachePrivateByDefault()

    • getCacheCdnSecondsByDefault

      protected Integer getCacheCdnSecondsByDefault()

    • addDefaultGlobalTemplateVariables

      public void addDefaultGlobalTemplateVariables(R context)
      Description copied from interface: SpincastFilters
      Adds some default variables so they are available to any template rendering (in a request scope).
      Specified by:
      addDefaultGlobalTemplateVariables in interface SpincastFilters<R extends RequestContext<?>>