The WebFilter in the Kotlin code block below enables CORS on Spring Boot applications using the WebFlux starter.
import org.springframework.http.HttpMethod | |
import org.springframework.http.HttpStatus | |
import org.springframework.stereotype.Component | |
import org.springframework.web.server.ServerWebExchange | |
import org.springframework.web.server.WebFilter | |
import org.springframework.web.server.WebFilterChain | |
import reactor.core.publisher.Mono | |
@Component | |
class CorsFilter : WebFilter { | |
override fun filter(ctx: ServerWebExchange?, chain: WebFilterChain?): Mono<Void> { | |
if (ctx != null) { | |
ctx.response.headers.add("Access-Control-Allow-Origin", "*") | |
ctx.response.headers.add("Access-Control-Allow-Methods", "GET, PUT, POST, DELETE, OPTIONS") | |
ctx.response.headers.add("Access-Control-Allow-Headers", "DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range") | |
if (ctx.request.method == HttpMethod.OPTIONS) { | |
ctx.response.headers.add("Access-Control-Max-Age", "1728000") | |
ctx.response.statusCode = HttpStatus.NO_CONTENT | |
return Mono.empty() | |
} else { | |
ctx.response.headers.add("Access-Control-Expose-Headers", "DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range") | |
return chain?.filter(ctx) ?: Mono.empty() | |
} | |
} else { | |
return chain?.filter(ctx) ?: Mono.empty() | |
} | |
} | |
} |
The content on this site stays fresh thanks to help from users like you! If you have suggestions or would like to contribute, fork us on GitHub.
Save 39% on CORS in Action with promotional code hossainco at manning.com/hossain