[dev] add mistack for delete CorsFilter

a01e4498 · neo · b0d55663 · a01e4498
Commit a01e4498 authored Sep 27, 2018 by neo
Hide whitespace changes
Inline Side-by-side

Showing with 35 additions and 0 deletions

CorsFilter.java ...api/src/main/java/pwc/taxtech/atms/common/CorsFilter.java +35 -0

No files found.
--- a/atms-api/src/main/java/pwc/taxtech/atms/common/CorsFilter.java
+++ b/atms-api/src/main/java/pwc/taxtech/atms/common/CorsFilter.java
+package pwc.taxtech.atms.common;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+@Component
+public class CorsFilter extends OncePerRequestFilter {
+
+    @Autowired
+    private AtmsApiSettings atmsApiSettings;
+
+    @Override
+    public void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
+            throws ServletException, IOException {
+        response.setHeader("Access-Control-Allow-Origin", atmsApiSettings.getWebUrl());
+        response.setHeader("Access-Control-Allow-Credentials", "true");
+        response.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
+        response.setHeader("Access-Control-Allow-Headers",
+                "origin, content-type, accept, x-requested-with, authorization, x-xsrf-token, X-HTTP-Method-Override, withcredentials, access-control-allow-origin,from");
+        response.setHeader("Access-Control-Allow-Credentials", "true");
+        if ("OPTIONS".equalsIgnoreCase(request.getMethod())) {
+            return;
+        }
+        chain.doFilter(request, response);
+    }
+
+}
+