Package org.pentaho.platform.web

Class WebUtil

java.lang.Object

org.pentaho.platform.web.WebUtil

public class WebUtil
extends Object

Utility class containing web related functionality.

Method Summary

Modifier and Type	Method	Description
static boolean	isCorsRequestsAllowed()	Gets a value that indicates if CORS is enabled, in principle.
static void	setCorsResponseHeaders(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)	Sets the default CORS response headers if CORS is enabled and the request origin is allowed.
static void	setCorsResponseHeaders(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, Map<String,List<String>> corsHeadersConfiguration)	Sets the default CORS response headers and the additional provided headers if CORS is enabled and the request origin is allowed.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

setCorsResponseHeaders

public static void setCorsResponseHeaders(javax.servlet.http.HttpServletRequest request,
                                          javax.servlet.http.HttpServletResponse response)

Sets the default CORS response headers if CORS is enabled and the request origin is allowed.

The default headers are the Access-Control-Allow-Origin header with the current allowed origin as a value and the Access-Control-Allow-Credentials with value true.

This method exists for when it is needed to set CORS headers programmatically. It's generally preferable to configure the system's CORS filter, by editing applicationContext-spring-security-cors.xml or by publishing an implementation of com.hitachivantara.security.web.api.model.cors.CorsRequestSetConfiguration with the Pentaho system.

Parameters:

request - The HTTP request.

response - The HTTP response.

setCorsResponseHeaders

public static void setCorsResponseHeaders(javax.servlet.http.HttpServletRequest request,
                                          javax.servlet.http.HttpServletResponse response,
                                          Map<String,List<String>> corsHeadersConfiguration)

Sets the default CORS response headers and the additional provided headers if CORS is enabled and the request origin is allowed.

The default headers are the Access-Control-Allow-Origin header with the current allowed origin as a value and the Access-Control-Allow-Credentials with value true.

This method exists for when it is needed to set CORS headers programmatically. It's generally preferable to configure the system's CORS filter, by editing applicationContext-spring-security-cors.xml or by publishing an implementation of com.hitachivantara.security.web.api.model.cors.CorsRequestSetConfiguration with the Pentaho system.

Parameters:

request - The HTTP request.

response - The HTTP response.

corsHeadersConfiguration - Additional headers to conditionally define.

isCorsRequestsAllowed

public static boolean isCorsRequestsAllowed()

Gets a value that indicates if CORS is enabled, in principle.

Further restrictions apply to determine if a specific cross origin or CORS request is actualy enabled.

Returns:

true if enabled; false, otherwise.