Produced by Araxis Merge on 4/2/2019 1:06:54 PM Central Daylight Time. See www.araxis.com for information about Merge. This report uses XHTML and CSS2, and is best viewed with a modern standards-compliant browser. For optimum results when printing this report, use landscape orientation and enable printing of background images and colours in your browser.
# | Location | File | Last Modified |
---|---|---|---|
1 | C:\AraxisMergeCompare\Pri_un\ARS_Backend\ars_app\src\main\java\gov\va\med\ars\filter | CORSFilter.java | Wed Mar 27 19:21:10 2019 UTC |
2 | C:\AraxisMergeCompare\Pri_re\ARS_Backend\ars_app\src\main\java\gov\va\med\ars\filter | CORSFilter.java | Thu Mar 28 17:50:44 2019 UTC |
Description | Between Files 1 and 2 |
|
---|---|---|
Text Blocks | Lines | |
Unchanged | 2 | 138 |
Changed | 1 | 2 |
Inserted | 0 | 0 |
Removed | 0 | 0 |
Whitespace | |
---|---|
Character case | Differences in character case are significant |
Line endings | Differences in line endings (CR and LF characters) are ignored |
CR/LF characters | Not shown in the comparison detail |
No regular expressions were active.
1 | /** | |
2 | * | |
3 | */ | |
4 | package go v.va.med.a rs.filter; | |
5 | ||
6 | import jav a.io.IOExc eption; | |
7 | ||
8 | import jav ax.servlet .FilterCha in; | |
9 | import jav ax.servlet .ServletEx ception; | |
10 | import jav ax.servlet .http.Http ServletReq uest; | |
11 | import jav ax.servlet .http.Http ServletRes ponse; | |
12 | ||
13 | import org .apache.lo gging.log4 j.util.Str ings; | |
14 | import org .springfra mework.web .filter.On cePerReque stFilter; | |
15 | ||
16 | /** | |
17 | * @author
|
|
18 | * | |
19 | */ | |
20 | public cla ss CORSFil ter extend s OncePerR equestFilt er { | |
21 | // This is a lot of me chanism, j ust to all ow me to a dd a comme nt on the line conta ining "Con tent-Dispo sition" | |
22 | // But it's something I saw in " What's new in Java 8 ", so I wa nted to tr y it out. | |
23 | // Technical ly, it is more effic ient than using stri ng concate nation. (" a" + "b") | |
24 | // As a stat ic, it doe sn't add o verhead to the class instantia tions. | |
25 | st atic priva te final S tring acce ssControlA llowHeader s = | |
26 | String .join(", " , // separ ator | |
27 | "X-PINGOTH ER", | |
28 | "Content-T ype", | |
29 | // "Content-D isposition ", // no l onger used by /ars/v 1/api/{fil e,exportAs PDF} to co nvey filen ame | |
30 | // besides , Vamsi G. says that accessCon trolAllowH eaders is for rest c alls, not /ars/v1/ap i/{file,ex portAsPDF} | |
31 | "X-Request ed-With", | |
32 | "accept", | |
33 | "Origin", | |
34 | "Access-Co ntrol-Requ est-Method ", | |
35 | "Access-Co ntrol-Requ est-Header s", | |
36 | "Authoriza tion"); | |
37 | /* | |
38 | * (non-Java doc) | |
39 | * | |
40 | * @see | |
41 | * org.sprin gframework .web.filte r.OncePerR equestFilt er#doFilte rInternal( | |
42 | * javax.ser vlet.http. HttpServle tRequest, | |
43 | * javax.ser vlet.http. HttpServle tResponse, javax.ser vlet.Filte rChain) | |
44 | * / | |
45 | pr otected vo id doFilte rInternal( HttpServle tRequest r eq, HttpSe rvletRespo nse res, F ilterChain chain) | |
46 | throws ServletEx ception, I OException { | |
47 | res. setHeader( "Access-Co ntrol-Allo w-Origin", "*"); | |
48 | res. setHeader( "Access-Co ntrol-Allo w-Methods" , "GET,POS T"); | |
49 | res. setHeader( "Access-Co ntrol-Max- Age", "360 0"); | |
50 | res. setHeader( "Access-Co ntrol-Allo w-Headers" , accessCo ntrolAllow Headers); | |
51 | // Replace d by the p revious li ne. Kept, for now, f or code re viewer to see. | |
52 | // res. setHeader( "Access-Co ntrol-Allo w-Headers" , | |
53 | // "X-PINGO THER, " + | |
54 | // "Content -Type, " + | |
55 | // "Content -Dispositi on, " + // used by / ars/v1/api /{file,exp ortAsPDF} to convey filename | |
56 | // "X-Reque sted-With, " + | |
57 | // "accept, " + | |
58 | // "Origin, " + | |
59 | // "Access- Control-Re quest-Meth od, " + | |
60 | // "Access- Control-Re quest-Head ers, " + | |
61 | // "Authori zation"); | |
62 | res. addHeader( "Access-Co ntrol-Expo se-Headers ", "xsrf-t oken"); | |
63 | ||
64 | if ( "OPTIONS". equals(req .getMethod ())) { | |
65 | res.se tStatus(Ht tpServletR esponse.SC _OK); | |
66 | } el se { | |
67 | chain. doFilter(r eq, res); | |
68 | } | |
69 | } | |
70 | } |
Araxis Merge (but not the data content of this report) is Copyright © 1993-2016 Araxis Ltd (www.araxis.com). All rights reserved.