1 package com.atlassian.plugins.rest.module.filter;
2
3 import com.atlassian.plugins.rest.common.security.CorsHeaders;
4 import com.atlassian.plugins.rest.common.security.jersey.CorsResourceFilter;
5 import com.sun.jersey.spi.container.ContainerRequest;
6 import com.sun.jersey.spi.container.ContainerRequestFilter;
7 import org.apache.commons.lang.StringUtils;
8
9 import javax.ws.rs.HttpMethod;
10 import javax.ws.rs.core.MultivaluedMap;
11 import javax.ws.rs.ext.Provider;
12 import java.util.HashSet;
13 import java.util.Set;
14
15 import static com.atlassian.plugins.rest.common.security.jersey.CorsResourceFilter.extractOrigin;
16 import static javax.ws.rs.core.HttpHeaders.ACCEPT;
17 import static javax.ws.rs.core.MediaType.APPLICATION_ATOM_XML;
18 import static javax.ws.rs.core.MediaType.APPLICATION_JSON;
19 import static javax.ws.rs.core.MediaType.APPLICATION_XML;
20 import static javax.ws.rs.core.MediaType.TEXT_HTML;
21 import static javax.ws.rs.core.MediaType.TEXT_PLAIN;
22 import static javax.ws.rs.core.MediaType.WILDCARD;
23
24
25
26
27
28
29 @Provider
30 public class CorsAcceptOptionsPreflightFilter implements ContainerRequestFilter
31 {
32 public ContainerRequest filter(final ContainerRequest request)
33 {
34 if (request.getMethod().equals(HttpMethod.OPTIONS))
35 {
36 String origin = extractOrigin(request);
37 String targetMethod = request.getHeaderValue(CorsHeaders.ACCESS_CONTROL_REQUEST_METHOD.value());
38 if (targetMethod != null && origin != null)
39 {
40 request.setMethod(targetMethod);
41 request.getProperties().put(CorsResourceFilter.CORS_PREFLIGHT_REQUESTED, "true");
42 }
43 }
44 return request;
45 }
46 }