View Javadoc

1   package com.atlassian.plugins.rest.module.filter;
2   
3   import com.atlassian.plugins.rest.common.security.CorsHeaders;
4   import com.atlassian.plugins.rest.common.security.jersey.CorsResourceFilter;
5   import com.sun.jersey.spi.container.ContainerRequest;
6   import com.sun.jersey.spi.container.ContainerRequestFilter;
7   
8   import javax.ws.rs.HttpMethod;
9   import javax.ws.rs.ext.Provider;
10  
11  import static com.atlassian.plugins.rest.common.security.jersey.CorsResourceFilter.extractOrigin;
12  
13  /**
14   * This is a filter to force Jersey to handle OPTIONS when part of a preflight cors check.
15   *
16   * @since 2.6
17   */
18  @Provider
19  public class CorsAcceptOptionsPreflightFilter implements ContainerRequestFilter {
20      public ContainerRequest filter(final ContainerRequest request) {
21          if (request.getMethod().equals(HttpMethod.OPTIONS)) {
22              String origin = extractOrigin(request);
23              String targetMethod = request.getHeaderValue(CorsHeaders.ACCESS_CONTROL_REQUEST_METHOD.value());
24              if (targetMethod != null && origin != null) {
25                  request.setMethod(targetMethod);
26                  request.getProperties().put(CorsResourceFilter.CORS_PREFLIGHT_REQUESTED, "true");
27              }
28          }
29          return request;
30      }
31  }