Class CorsInterceptor

    • Constructor Detail

      • CorsInterceptor

        public CorsInterceptor()
        Constructor which creates an interceptor with default CORS configuration for use in a FHIR server. This includes:
        • Allowed Origin: *
        • Allowed Header: Accept
        • Allowed Header: Access-Control-Request-Headers
        • Allowed Header: Access-Control-Request-Method
        • Allowed Header: Cache-Control
        • Exposed Header: Content-Location
        • Allowed Header: Content-Type
        • Exposed Header: Location
        • Allowed Header: Origin
        • Allowed Header: Prefer
        • Allowed Header: X-Requested-With
        Note that this configuration is useful for quickly getting CORS working, but in a real production system you probably want to consider whether it is appropriate for your situation. In particular, using "Allowed Origin: *" isn't always the right thing to do.
      • CorsInterceptor

        public CorsInterceptor​(org.springframework.web.cors.CorsConfiguration theConfiguration)
        Constructor which accepts the given configuration
        Parameters:
        theConfiguration - The CORS configuration
    • Method Detail

      • getConfig

        public org.springframework.web.cors.CorsConfiguration getConfig()
        Gets the CORS configuration
      • setConfig

        public void setConfig​(org.springframework.web.cors.CorsConfiguration theConfiguration)
        Sets the CORS configuration
      • incomingRequestPreProcessed

        public boolean incomingRequestPreProcessed​(javax.servlet.http.HttpServletRequest theRequest,
                                                   javax.servlet.http.HttpServletResponse theResponse)
        Description copied from interface: IServerInterceptor
        This method is called before any other processing takes place for each incoming request. It may be used to provide alternate handling for some requests, or to screen requests before they are handled, etc.

        Note that any exceptions thrown by this method will not be trapped by HAPI (they will be passed up to the server)

        Specified by:
        incomingRequestPreProcessed in interface IServerInterceptor
        Overrides:
        incomingRequestPreProcessed in class InterceptorAdapter
        Parameters:
        theRequest - The incoming request
        theResponse - The response. Note that interceptors may choose to provide a response (i.e. by calling ServletResponse.getWriter()) but in that case it is important to return false to indicate that the server itself should not also provide a response.
        Returns:
        Return true if processing should continue normally. This is generally the right thing to do. If your interceptor is providing a response rather than letting HAPI handle the response normally, you must return false. In this case, no further processing will occur and no further interceptors will be called.