CorsFilter asserts presence of CorsConfigurationSource

spring-web/src/main/java/org/springframework/web/cors/CorsConfigurationSource.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2015 the original author or authors.
+ * Copyright 2002-2016 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -29,6 +29,7 @@ public interface CorsConfigurationSource {
 
 	/**
 	 * Return a {@link CorsConfiguration} based on the incoming request.
+	 * @return the associated {@link CorsConfiguration}, or {@code null} if none
 	 */
 	CorsConfiguration getCorsConfiguration(HttpServletRequest request);
 

spring-web/src/main/java/org/springframework/web/filter/CorsFilter.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2015 the original author or authors.
+ * Copyright 2002-2016 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -31,10 +31,10 @@ import org.springframework.web.cors.DefaultCorsProcessor;
 import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
 
 /**
- * {@link javax.servlet.Filter} that handles CORS preflight requests and intercepts CORS
+ * {@link javax.servlet.Filter} that handles CORS preflight requests and intercepts
- * simple and actual requests thanks to a {@link CorsProcessor} implementation
+ * CORS simple and actual requests thanks to a {@link CorsProcessor} implementation
- * ({@link DefaultCorsProcessor} by default) in order to add the relevant CORS response
+ * ({@link DefaultCorsProcessor} by default) in order to add the relevant CORS
- * headers (like {@code Access-Control-Allow-Origin}) using the provided
+ * response headers (like {@code Access-Control-Allow-Origin}) using the provided
  * {@link CorsConfigurationSource} (for example an {@link UrlBasedCorsConfigurationSource}
  * instance.
  *
@@ -52,20 +52,22 @@ import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
  */
 public class CorsFilter extends OncePerRequestFilter {
 
-	private CorsProcessor processor = new DefaultCorsProcessor();
-
 	private final CorsConfigurationSource configSource;
 
+	private CorsProcessor processor = new DefaultCorsProcessor();
+
 
 	/**
-	 * Constructor accepting a {@link CorsConfigurationSource} used by the filter to find
+	 * Constructor accepting a {@link CorsConfigurationSource} used by the filter
-	 * the {@link CorsConfiguration} to use for each incoming request.
+	 * to find the {@link CorsConfiguration} to use for each incoming request.
 	 * @see UrlBasedCorsConfigurationSource
 	 */
 	public CorsFilter(CorsConfigurationSource configSource) {
+		Assert.notNull(configSource, "CorsConfigurationSource must not be null");
 		this.configSource = configSource;
 	}
 
+
 	/**
 	 * Configure a custom {@link CorsProcessor} to use to apply the matched
 	 * {@link CorsConfiguration} for a request.
@@ -76,6 +78,7 @@ public class CorsFilter extends OncePerRequestFilter {
 		this.processor = processor;
 	}
 
+
 	@Override
 	protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
 			FilterChain filterChain) throws ServletException, IOException {
@@ -89,6 +92,7 @@ public class CorsFilter extends OncePerRequestFilter {
 				}
 			}
 		}
+
 		filterChain.doFilter(request, response);
 	}