CORS Filter
Request Tagging
The CORS Filter can be configured to tag HTTP requests with CORS-related information that may be consumed by downstream handlers (other filters or the target servlet).
To enable tagging set the cors.tagRequests configuration property to true:
cors.tagRequests = true
The filtered requests are tagged using the
ServletRequest.setAttribute()
method.
Downstream filters or target resources can retrieve the tags using
ServletRequest.getAttribute()
.
public class MyServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { PrintWriter out = response.getWriter(); boolean cors = (Boolean)request.getAttribute("cors.isCorsRequest"); if (cors) out.println("The request is cross-site"); else out.println("Regular request"); } }
These tags may be used to implement logging of cross-domain requests or to direct HTTP resources to perform specific action for CORS requests.
Supported tags
All tags are prefixed by "cors."
.
cors.isCorsRequest
{Boolean}
Indicates if the HTTP request is CORS.cors.origin
{String}
The value of the "Origin" header,null
if undefined.cors.requestType
{String}
If the request is CORS, indicates its type: "actual" for actual/simple or "preflight".cors.requestHeaders
{String}
if the request is CORS preflight, the value of the "Access-Control-Request-Headers" header,null
if undefined.