Skip to content

Instantly share code, notes, and snippets.

@dswwsd

dswwsd/CORS.java

Last active August 15, 2017 09:53
Show Gist options
  • Save dswwsd/b17ec2fc347a25f29e6e89fa8c8e9044 to your computer and use it in GitHub Desktop.
Save dswwsd/b17ec2fc347a25f29e6e89fa8c8e9044 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
CorsComposition.java
package actions;
import java.lang.annotation.*;
import play.libs.F.Promise;
import play.mvc.*;
import play.mvc.Http.Context;
import play.mvc.Http.*;
public class CorsComposition {
/**
* Wraps the annotated action in an <code>CorsAction</code>.
*/
@With(CorsAction.class)
@Target({ ElementType.TYPE, ElementType.METHOD })
@Retention(RetentionPolicy.RUNTIME)
public @interface Cors {
String value() default "*";
}
public static class CorsAction extends Action<Cors> {
@Override
public Promise<SimpleResult> call(Context context) throws Throwable {
Response response = context.response();
response.setHeader("Access-Control-Allow-Origin", "*");
//Handle preflight requests
if(context.request().method().equals("OPTIONS")) {
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Auth-Token");
response.setHeader("Access-Control-Allow-Credentials", "true");
return delegate.call(context);
}
response.setHeader("Access-Control-Allow-Headers","X-Requested-With, Content-Type, X-Auth-Token");
return delegate.call(context);
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment