CorsPolicy (filter-service-metrics 1.13 1.13 API)

java.lang.Object
- com.linecorp.armeria.server.cors.CorsPolicy

```
public final class CorsPolicy
extends Object
```
Contains information of the CORS policy with the specified origins.

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`Set<io.netty.util.AsciiString>`	`allowedRequestHeaders()` Returns the allowed set of request headers.
`Set<HttpMethod>`	`allowedRequestMethods()` Returns the allowed set of request methods.
`static CorsPolicyBuilder`	`builder()` Returns a new `CorsPolicyBuilder`.
`static CorsPolicyBuilder`	`builder(Iterable<String> origins)` Returns a new `CorsPolicyBuilder` with the specified `origins`.
`static CorsPolicyBuilder`	`builder(String... origins)` Returns a new `CorsPolicyBuilder` with the specified `origins`.
`Set<io.netty.util.AsciiString>`	`exposedHeaders()` Returns a set of headers to be exposed to calling clients.
`HttpHeaders`	`generatePreflightResponseHeaders()` Generates immutable HTTP response headers that should be added to a CORS preflight response.
`boolean`	`isCredentialsAllowed()` Determines if cookies are supported for CORS requests.
`boolean`	`isNullOriginAllowed()` Determines if the policy allows a `"null"` origin.
`long`	`maxAge()` Gets the `maxAge` setting.
`String`	`origin()` Returns the allowed origin.
`Set<String>`	`origins()` Returns the set of allowed origins.
`List<Route>`	`routes()` Returns the list of `Route`s that this policy is supposed to be applied to.
`String`	`toString()`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

- Method Detail
  - builder
```
public static CorsPolicyBuilder builder()
```
    Returns a new CorsPolicyBuilder.
  - builder
```
public static CorsPolicyBuilder builder(String... origins)
```
    Returns a new CorsPolicyBuilder with the specified origins.
  - builder
```
public static CorsPolicyBuilder builder(Iterable<String> origins)
```
    Returns a new CorsPolicyBuilder with the specified origins.
  - origin
```
public String origin()
```
    Returns the allowed origin. This can either be a wildcard or an origin value. This method returns the first specified origin if this policy has more than one origin.
    
    Returns:
    
    the value that will be used for the CORS response header "Access-Control-Allow-Origin"
  - origins
```
public Set<String> origins()
```
    Returns the set of allowed origins.
  - routes
```
public List<Route> routes()
```
    Returns the list of Routes that this policy is supposed to be applied to.
  - isCredentialsAllowed
```
public boolean isCredentialsAllowed()
```
    Determines if cookies are supported for CORS requests.
    By default cookies are not included in CORS requests but if isCredentialsAllowed returns true cookies will be added to CORS requests. Setting this value to true will set the CORS "Access-Control-Allow-Credentials" response header to true.
    Please note that cookie support needs to be enabled on the client side as well. The client needs to opt-in to send cookies by calling:
```
 xhr.withCredentials = true;
 
```
    The default value for 'withCredentials' is false in which case no cookies are sent. Setting this to true will include cookies in cross origin requests.
    Returns:
    
    true if cookies are supported.
  - maxAge
```
public long maxAge()
```
    Gets the maxAge setting.
    When making a preflight request the client has to perform two requests which can be inefficient. This setting will set the CORS "Access-Control-Max-Age" response header and enable the caching of the preflight response for the specified time. During this time no preflight request will be made.
    
    Returns:
    
    the time in seconds that a preflight request may be cached.
  - exposedHeaders
```
public Set<io.netty.util.AsciiString> exposedHeaders()
```
    Returns a set of headers to be exposed to calling clients.
    During a simple CORS request only certain response headers are made available by the browser, for example using:
```
 xhr.getResponseHeader("Content-Type");
 
```
    The headers that are available by default are:
    - Cache-Control
    - Content-Language
    - Content-Type
    - Expires
    - Last-Modified
    - Pragma
    To expose other headers they need to be specified, which is what this method enables by adding the headers names to the CORS "Access-Control-Expose-Headers" response header.
    Returns:
    
    the list of the headers to expose.
  - allowedRequestMethods
```
public Set<HttpMethod> allowedRequestMethods()
```
    Returns the allowed set of request methods. The Http methods that should be returned in the CORS "Access-Control-Request-Method" response header.
    
    Returns:
    
    the HttpMethods that represent the allowed request methods.
  - allowedRequestHeaders
```
public Set<io.netty.util.AsciiString> allowedRequestHeaders()
```
    Returns the allowed set of request headers.
    The header names returned from this method will be used to set the CORS "Access-Control-Allow-Headers" response header.
  - isNullOriginAllowed
```
public boolean isNullOriginAllowed()
```
    Determines if the policy allows a "null" origin.
  - generatePreflightResponseHeaders
```
public HttpHeaders generatePreflightResponseHeaders()
```
    Generates immutable HTTP response headers that should be added to a CORS preflight response.
    
    Returns:
    
    HttpHeaders the HTTP response headers to be added.
  - toString
```
public String toString()
```
    Overrides:
    
    toString in class Object

Class CorsPolicy

Method Summary

Methods inherited from class java.lang.Object

Method Detail

builder

builder

builder

origin

origins

routes

isCredentialsAllowed

maxAge

exposedHeaders

allowedRequestMethods

allowedRequestHeaders

isNullOriginAllowed

generatePreflightResponseHeaders

toString