root
/
spring-framework
mirror of https://github.com/spring-projects/spring-framework.git
1
0
Fork 0
Code Issues Actions 6 Packages Projects Releases Wiki Activity

Polishing

This commit is contained in:
Sam Brannen 2023-01-19 16:32:29 +01:00
parent a34b1af49e
commit 22323072fd
2 changed files with 7 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
spring-web/src/main/java/org/springframework/web/cors/DefaultCorsProcessor.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2002-2020 the original author or authors.
* Copyright 2002-2023 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -41,9 +41,9 @@ import org.springframework.util.CollectionUtils;
* The default implementation of {@link CorsProcessor}, as defined by the
* <a href="https://www.w3.org/TR/cors/">CORS W3C recommendation</a>.
*
* <p>Note that when input {@link CorsConfiguration} is {@code null}, this
* <p>Note that when the supplied {@link CorsConfiguration} is {@code null}, this
* implementation does not reject simple or actual requests outright but simply
* avoid adding CORS headers to the response. CORS processing is also skipped
* avoids adding CORS headers to the response. CORS processing is also skipped
* if the response already contains CORS headers.
*
* @author Sebastien Deleuze

10
spring-web/src/main/java/org/springframework/web/cors/reactive/DefaultCorsProcessor.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2002-2020 the original author or authors.
* Copyright 2002-2023 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -17,7 +17,6 @@
package org.springframework.web.cors.reactive;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import org.apache.commons.logging.Log;
@ -37,9 +36,9 @@ import org.springframework.web.server.ServerWebExchange;
* The default implementation of {@link CorsProcessor},
* as defined by the <a href="https://www.w3.org/TR/cors/">CORS W3C recommendation</a>.
*
* <p>Note that when input {@link CorsConfiguration} is {@code null}, this
* <p>Note that when the supplied {@link CorsConfiguration} is {@code null}, this
* implementation does not reject simple or actual requests outright but simply
* avoid adding CORS headers to the response. CORS processing is also skipped
* avoids adding CORS headers to the response. CORS processing is also skipped
* if the response already contains CORS headers.
*
* @author Sebastien Deleuze
@ -50,13 +49,12 @@ public class DefaultCorsProcessor implements CorsProcessor {
private static final Log logger = LogFactory.getLog(DefaultCorsProcessor.class);
private static final List<String> VARY_HEADERS = Arrays.asList(
private static final List<String> VARY_HEADERS = List.of(
HttpHeaders.ORIGIN, HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD, HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS);
@Override
public boolean process(@Nullable CorsConfiguration config, ServerWebExchange exchange) {
ServerHttpRequest request = exchange.getRequest();
ServerHttpResponse response = exchange.getResponse();
HttpHeaders responseHeaders = response.getHeaders();