Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

DefaultCorsProcessor relies on Servlet 3 specific methods [SPR-12885] #17483

Closed
spring-issuemaster opened this issue Apr 3, 2015 · 2 comments

Comments

Projects
None yet
2 participants
@spring-issuemaster
Copy link
Collaborator

commented Apr 3, 2015

Rossen Stoyanchev opened SPR-12885 and commented

The getHeader methods in the HttpServletResponse are 3.0 specific and may not be present. We've added some checks before in ServletServerHttpResponse for similar reasons (checking if the response has CORS headers already) and the check is only successful in Servlet 3+ environments.

Rather than re-implementing this or extracting it, I think it would make sense for DefaultCorsProcessor to create an instance of ServletServerHttpResponse and use it throughout instead of using the HttpServletRequest/Response directly.

There are added benefits to doing this. It will simplify access to header values via HttpHeaders and it also gives a reason to encapsulate CORS related header manipulation in HttpHeaders.


This issue is a sub-task of #13916

Referenced from: commits 83f269b, e306098

@spring-issuemaster

This comment has been minimized.

Copy link
Collaborator Author

commented Apr 3, 2015

Rossen Stoyanchev commented

I'd also suggest to change CorsProcessor to accept NativeWebRequest rather than HttpServletRequest & Response.

@spring-issuemaster

This comment has been minimized.

Copy link
Collaborator Author

commented Apr 19, 2015

Sébastien Deleuze commented

See proposed implementation on this branch.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.