Skip to content

S
spring-framework

爱吃血肠 / spring-framework

通知 1
Star 0
Fork 0
S
spring-framework

前往新版Gitcode,体验更适合开发者的 AI 搜索 >>

切换分支/标签
  1. 22 3月, 2019 1 次提交
  3. 30 3月, 2018 1 次提交
  5. 21 12月, 2017 1 次提交
    • S
      Improve CORS list properties combination logic · 0075f131
      sdeleuze 提交于 
      This commit allows CorsConfiguration#combine()
to differentiate permit default values set by
CorsConfiguration#applyPermitDefaultValues()
from values configured explicitly by the user.

Those permit default values will be overridden
by any user-provided ones while user-provided values
will be combined in an additive way, including
when "*" is specified.

Documentation has been improved accordingly.

Issue: SPR-15772
      0075f131
  7. 29 11月, 2017 2 次提交
  9. 23 11月, 2017 1 次提交
    • S
      Disable CORS credentials by default · 652e5c55
      sdeleuze 提交于 
      Access-Control-Allow-Credentials CORS header, used to
allow cookies with CORS requests, is not set to true
anymore by default when enabling CORS with
@CrossOrigin or global CORS configuration in order to
provide a more secured default CORS configuration.

The related allowCredentials property now requires to
be set to true explicitly in order to support cookies
with CORS requests.

Issue: SPR-16130
      652e5c55
  11. 20 10月, 2016 2 次提交
  13. 05 7月, 2016 1 次提交
  15. 22 5月, 2016 1 次提交
  17. 19 4月, 2016 1 次提交
  19. 15 1月, 2016 2 次提交
  21. 29 7月, 2015 1 次提交
    • S
      Introduce 'value' alias for 'attribute' in @AliasFor · 72529208
      Sam Brannen 提交于 
      SPR-11512 introduced support for annotation attribute aliases via
@AliasFor, requiring the explicit declaration of the 'attribute'
attribute. However, for aliases within an annotation, this explicit
declaration is unnecessary.

This commit improves the readability of alias pairs declared within an
annotation by introducing a 'value' attribute in @AliasFor that is an
alias for the existing 'attribute' attribute. This allows annotations
such as @ContextConfiguration from the spring-test module to declare
aliases as follows.

public @interface ContextConfiguration {

     @AliasFor("locations")
     String[] value() default {};

     @AliasFor("value")
     String[] locations() default {};

    // ...
}

Issue: SPR-13289
      72529208
  23. 10 7月, 2015 1 次提交
  25. 07 7月, 2015 1 次提交
  27. 19 6月, 2015 1 次提交
  29. 13 6月, 2015 1 次提交
    • S
      Polish @CrossOrigin · 2b339db5
      Sam Brannen 提交于 
      - origin --> origins
- method --> methods
- constants are now actually constant (i.e., static final)
      2b339db5
  31. 05 6月, 2015 1 次提交
  33. 01 6月, 2015 2 次提交
  35. 31 5月, 2015 1 次提交
  37. 07 5月, 2015 1 次提交
  39. 02 4月, 2015 1 次提交
    • S
      Add CORS support · b0e1e66b
      Sebastien Deleuze 提交于 
      This commit introduces support for CORS in Spring Framework.

Cross-origin resource sharing (CORS) is a mechanism that allows
many resources (e.g. fonts, JavaScript, etc.) on a web page to
be requested from another domain outside the domain from which
the resource originated. It is defined by the CORS W3C
recommandation (http://www.w3.org/TR/cors/).

A new annotation @CrossOrigin allows to enable CORS support
on Controller type or method level. By default all origins
("*") are allowed.

@RestController
public class SampleController {

	@CrossOrigin
	@RequestMapping("/foo")
	public String foo() {
		// ...
	}
}

Various @CrossOrigin attributes allow to customize the CORS configuration.

@RestController
public class SampleController {

	@CrossOrigin(origin = { "http://site1.com", "http://site2.com" },
				 allowedHeaders = { "header1", "header2" },
				 exposedHeaders = { "header1", "header2" },
				 method = RequestMethod.DELETE,
				 maxAge = 123, allowCredentials = "true")
	@RequestMapping(value = "/foo", method = { RequestMethod.GET, RequestMethod.POST} )
	public String foo() {
		// ...
	}
}

A CorsConfigurationSource interface can be implemented by HTTP request
handlers that want to support CORS by providing a CorsConfiguration
that will be detected at AbstractHandlerMapping level. See for
example ResourceHttpRequestHandler that implements this interface.

Global CORS configuration should be supported through ControllerAdvice
(with type level @CrossOrigin annotated class or class implementing
CorsConfigurationSource), or with XML namespace and JavaConfig
configuration, but this is not implemented yet.

Issue: SPR-9278
      b0e1e66b