下面列出了怎么用 io.netty.handler.codec.http.cors.CorsConfigBuilder 的API类实例代码及写法,或者点击链接到github查看源代码。
private CorsConfig buildCorsConfig(Config config) {
if (!config.getBoolean("enable")) {
return CorsConfigBuilder.forAnyOrigin().disable().build();
}
CorsConfigBuilder builder =
CorsConfigBuilder.forOrigins(getStrings(config, "allowed_origins"))
.allowedRequestHeaders(getStrings(config, "allowed_headers"))
.allowedRequestMethods(getHttpMethods(config, "allowed_methods"));
if (config.getBoolean("allow_credentials")) {
builder.allowCredentials();
}
if (config.getBoolean("short_circuit")) {
builder.shortCircuit();
}
return builder.build();
}
/** Test that onHeadersRead handles requests with no origin header properly. */
@Test
void testOnHeadersRead_noOrigin() {
CorsConfig corsConfig =
CorsConfigBuilder.forOrigin("test.domain")
.allowCredentials()
.allowedRequestMethods(HttpMethod.GET)
.build();
Http2CorsHandler corsHandler = new Http2CorsHandler(corsConfig);
testHandler = new Http2Handler(mockEncoder, MAX_PAYLOAD, corsHandler);
headers.method("GET").path(OK_PATH);
testHandler.onHeadersRead(mockContext, STREAM_ID, headers, 1, true);
assertEquals(1L, requestMeter.getCount());
verifyResponse(HttpResponseStatus.OK, ImmutableMap.of(), Optional.empty(), STREAM_ID);
}
@Override
protected void initChannel(SocketChannel ch) throws Exception {
ChannelPipeline p = ch.pipeline();
if(sslCtx!=null)
{
p.addLast(new SslHandler(sslCtx.newEngine(ch.alloc())));
}
p.addLast(new HttpResponseEncoder());//必须放在最前面,如果decoder途中需要回复消息,则decoder前面需要encoder
p.addLast(new HttpRequestDecoder());
p.addLast(new HttpObjectAggregator(65536));//限制contentLength
//大文件传输处理
// p.addLast(new ChunkedWriteHandler());
// p.addLast(new HttpContentCompressor());
//跨域配置
CorsConfig corsConfig = CorsConfigBuilder.forAnyOrigin().allowNullOrigin().allowCredentials().build();
p.addLast(new CorsHandler(corsConfig));
if(unPoolMsg)
{
p.addLast(new DefaultListenerHandler<HttpRequest>(new HttpListenerProxy(listener)));
}else
{
p.addLast(new DefaultListenerHandler<HttpRequest>(listener));
}
}
public static void addHttpServerCodec(@Nonnull ChannelPipeline pipeline) {
pipeline.addLast("httpRequestEncoder", new HttpResponseEncoder());
// https://jetbrains.zendesk.com/agent/tickets/68315
pipeline.addLast("httpRequestDecoder", new HttpRequestDecoder(16 * 1024, 16 * 1024, 8192));
pipeline.addLast("httpObjectAggregator", new HttpObjectAggregator(MAX_CONTENT_LENGTH));
// could be added earlier if HTTPS
if (pipeline.get(ChunkedWriteHandler.class) == null) {
pipeline.addLast("chunkedWriteHandler", new ChunkedWriteHandler());
}
pipeline.addLast("corsHandler", new CorsHandlerDoNotUseOwnLogger(CorsConfigBuilder
.forAnyOrigin()
.shortCircuit()
.allowCredentials()
.allowNullOrigin()
.allowedRequestMethods(HttpMethod.GET, HttpMethod.POST, HttpMethod.PUT, HttpMethod.DELETE, HttpMethod.HEAD, HttpMethod.PATCH)
.allowedRequestHeaders("origin", "accept", "authorization", "content-type", "x-ijt")
.build()));
}
@Override
public void initChannel(SocketChannel ch) {
CorsConfig corsConfig = CorsConfigBuilder.forAnyOrigin().allowNullOrigin().allowCredentials().build();
ChannelPipeline pipeline = ch.pipeline();
if (sslCtx != null) {
pipeline.addLast(sslCtx.newHandler(ch.alloc()));
}
pipeline.addLast(new HttpResponseEncoder());
pipeline.addLast(new HttpRequestDecoder());
pipeline.addLast(new HttpObjectAggregator(65536));
pipeline.addLast(new ChunkedWriteHandler());
pipeline.addLast(new CorsHandler(corsConfig));
pipeline.addLast(new OkResponseHandler());
}
@Override
public void initChannel(SocketChannel ch) {
CorsConfig corsConfig = CorsConfigBuilder.forAnyOrigin().allowNullOrigin().allowCredentials().build();
ChannelPipeline pipeline = ch.pipeline();
if (sslCtx != null) {
pipeline.addLast(sslCtx.newHandler(ch.alloc()));
}
pipeline.addLast(new HttpResponseEncoder());
pipeline.addLast(new HttpRequestDecoder());
pipeline.addLast(new HttpObjectAggregator(65536));
pipeline.addLast(new ChunkedWriteHandler());
pipeline.addLast(new CorsHandler(corsConfig));
pipeline.addLast(new OkResponseHandler());
}
/** Test that OPTIONS request short circuit to preflight response. */
@Test
void testOnHeadersRead_preflightOptionsRequest() {
CorsConfig corsConfig =
CorsConfigBuilder.forOrigin("test.domain")
.allowCredentials()
.allowedRequestMethods(HttpMethod.GET)
.build();
Http2CorsHandler corsHandler = new Http2CorsHandler(corsConfig);
testHandler = new Http2Handler(mockEncoder, MAX_PAYLOAD, corsHandler);
headers
.method("OPTIONS")
.add("origin", "test.domain")
.add("access-control-request-method", "GET")
.path(OK_PATH);
testHandler.onHeadersRead(mockContext, STREAM_ID, headers, 1, true);
assertEquals(1L, requestMeter.getCount());
verifyResponse(
HttpResponseStatus.OK,
ImmutableMap.of(
"access-control-allow-methods",
"GET",
"access-control-allow-origin",
corsConfig.origin(),
"access-control-allow-credentials",
"true"),
Optional.empty(),
STREAM_ID);
}
/** Test that OPTIONS request short circuit to preflight response. */
@Test
void testOnHeadersRead_corsShortCircuit() {
CorsConfig corsConfig = CorsConfigBuilder.forOrigin("test.domain").shortCircuit().build();
Http2CorsHandler corsHandler = new Http2CorsHandler(corsConfig);
testHandler = new Http2Handler(mockEncoder, MAX_PAYLOAD, corsHandler);
headers.method("GET").add("origin", "illegal.domain").path(OK_PATH);
testHandler.onHeadersRead(mockContext, STREAM_ID, headers, 1, true);
assertEquals(1L, requestMeter.getCount());
verifyResponse(HttpResponseStatus.FORBIDDEN, ImmutableMap.of(), Optional.empty(), STREAM_ID);
}
@Override
public void initChannel(SocketChannel ch) {
CorsConfig corsConfig = CorsConfigBuilder.forAnyOrigin().allowNullOrigin().allowCredentials().build();
ChannelPipeline pipeline = ch.pipeline();
if (sslCtx != null) {
pipeline.addLast(sslCtx.newHandler(ch.alloc()));
}
pipeline.addLast(new HttpResponseEncoder());
pipeline.addLast(new HttpRequestDecoder());
pipeline.addLast(new HttpObjectAggregator(65536));
pipeline.addLast(new ChunkedWriteHandler());
pipeline.addLast(new CorsHandler(corsConfig));
pipeline.addLast(new OkResponseHandler());
}
protected ChannelHandler setupHttpChannel(Configuration config, SslContext sslCtx) {
return new ChannelInitializer<SocketChannel>() {
@Override
protected void initChannel(SocketChannel ch) throws Exception {
ch.pipeline().addLast("ssl", new NonSslRedirectHandler(config, sslCtx));
ch.pipeline().addLast("encoder", new HttpResponseEncoder());
ch.pipeline().addLast("decoder", new HttpRequestDecoder());
ch.pipeline().addLast("compressor", new HttpContentCompressor());
ch.pipeline().addLast("decompressor", new HttpContentDecompressor());
ch.pipeline().addLast("aggregator", new HttpObjectAggregator(8192));
ch.pipeline().addLast("chunker", new ChunkedWriteHandler());
final Configuration.Cors corsCfg = config.getHttp().getCors();
final CorsConfigBuilder ccb;
if (corsCfg.isAllowAnyOrigin()) {
ccb = CorsConfigBuilder.forAnyOrigin();
} else {
ccb = CorsConfigBuilder.forOrigins(corsCfg.getAllowedOrigins().stream().toArray(String[]::new));
}
if (corsCfg.isAllowNullOrigin()) {
ccb.allowNullOrigin();
}
if (corsCfg.isAllowCredentials()) {
ccb.allowCredentials();
}
corsCfg.getAllowedMethods().stream().map(HttpMethod::valueOf).forEach(ccb::allowedRequestMethods);
corsCfg.getAllowedHeaders().forEach(ccb::allowedRequestHeaders);
CorsConfig cors = ccb.build();
LOG.trace("Cors configuration: {}", cors);
ch.pipeline().addLast("cors", new CorsHandler(cors));
ch.pipeline().addLast("queryDecoder", new qonduit.netty.http.HttpRequestDecoder(config));
ch.pipeline().addLast("strict", new StrictTransportHandler(config));
ch.pipeline().addLast("login", new X509LoginRequestHandler(config));
ch.pipeline().addLast("doLogin", new BasicAuthLoginRequestHandler(config));
ch.pipeline().addLast("error", new HttpExceptionHandler());
}
};
}
protected ChannelHandler setupHttpChannel(Configuration config, SslContext sslCtx) {
return new ChannelInitializer<SocketChannel>() {
@Override
protected void initChannel(SocketChannel ch) throws Exception {
ch.pipeline().addLast("ssl", new NonSslRedirectHandler(config.getHttp(), sslCtx));
ch.pipeline().addLast("encoder", new HttpResponseEncoder());
ch.pipeline().addLast("decoder", new HttpRequestDecoder());
ch.pipeline().addLast("compressor", new HttpContentCompressor());
ch.pipeline().addLast("decompressor", new HttpContentDecompressor());
ch.pipeline().addLast("aggregator", new HttpObjectAggregator(65536));
ch.pipeline().addLast("chunker", new ChunkedWriteHandler());
final Cors corsCfg = config.getHttp().getCors();
final CorsConfigBuilder ccb;
if (corsCfg.isAllowAnyOrigin()) {
ccb = CorsConfigBuilder.forAnyOrigin();
} else {
ccb = CorsConfigBuilder.forOrigins(corsCfg.getAllowedOrigins().stream().toArray(String[]::new));
}
if (corsCfg.isAllowNullOrigin()) {
ccb.allowNullOrigin();
}
if (corsCfg.isAllowCredentials()) {
ccb.allowCredentials();
}
corsCfg.getAllowedMethods().stream().map(HttpMethod::valueOf).forEach(ccb::allowedRequestMethods);
corsCfg.getAllowedHeaders().forEach(ccb::allowedRequestHeaders);
CorsConfig cors = ccb.build();
LOG.trace("Cors configuration: {}", cors);
ch.pipeline().addLast("cors", new CorsHandler(cors));
ch.pipeline().addLast("queryDecoder",
new timely.netty.http.HttpRequestDecoder(config.getSecurity(), config.getHttp()));
ch.pipeline().addLast("fileServer", new HttpStaticFileServerHandler()
.setIgnoreSslHandshakeErrors(config.getSecurity().getServerSsl().isUseGeneratedKeypair()));
ch.pipeline().addLast("strict", new StrictTransportHandler(config));
ch.pipeline().addLast("login", new X509LoginRequestHandler(config.getSecurity(), config.getHttp()));
ch.pipeline().addLast("doLogin",
new BasicAuthLoginRequestHandler(config.getSecurity(), config.getHttp()));
ch.pipeline().addLast("aggregators", new HttpAggregatorsRequestHandler());
ch.pipeline().addLast("metrics", new HttpMetricsRequestHandler(config));
ch.pipeline().addLast("query", new HttpQueryRequestHandler(dataStore));
ch.pipeline().addLast("search", new HttpSearchLookupRequestHandler(dataStore));
ch.pipeline().addLast("suggest", new HttpSuggestRequestHandler(dataStore));
ch.pipeline().addLast("version", new HttpVersionRequestHandler());
ch.pipeline().addLast("cache", new HttpCacheRequestHandler(dataStoreCache));
ch.pipeline().addLast("put", new HttpMetricPutHandler(dataStore));
ch.pipeline().addLast("error", new TimelyExceptionHandler()
.setIgnoreSslHandshakeErrors(config.getSecurity().getServerSsl().isUseGeneratedKeypair()));
}
};
}