Created
February 4, 2017 22:18
-
-
Save mickleroy/5ee8ed51ac245a8b59024a4ffec7cf7f to your computer and use it in GitHub Desktop.
Sets Access-Control headers in AEM for Cross Origin Resource Sharing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package com.github.mickleroy.models; | |
| import org.apache.felix.scr.annotations.sling.SlingFilter; | |
| import org.apache.felix.scr.annotations.sling.SlingFilterScope; | |
| import org.apache.sling.api.SlingHttpServletResponse; | |
| import org.slf4j.Logger; | |
| import org.slf4j.LoggerFactory; | |
| import javax.servlet.*; | |
| import java.io.IOException; | |
| @SlingFilter(label = "Cross-Origin Request Filter", | |
| metatype = true, | |
| scope = SlingFilterScope.REQUEST, | |
| order = -100) | |
| public class CORSFilter implements Filter { | |
| private static final Logger log = LoggerFactory.getLogger(CORSFilter.class); | |
| @Override | |
| public void doFilter(ServletRequest request, ServletResponse response, | |
| FilterChain chain) throws IOException, ServletException { | |
| if (response instanceof SlingHttpServletResponse) { | |
| SlingHttpServletResponse slingResponse = (SlingHttpServletResponse) response; | |
| slingResponse.setHeader("Access-Control-Allow-Origin", "*"); | |
| slingResponse.setHeader("Access-Control-Allow-Credentials", "true"); | |
| } | |
| chain.doFilter(request, response); | |
| } | |
| @Override | |
| public void init(FilterConfig filterConfig) throws ServletException { | |
| log.debug("Initialising CORS Filter"); | |
| } | |
| @Override | |
| public void destroy() { | |
| log.debug("Destroying CORS Filter"); | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment