CORSPolicy class
Describes a CORS policy for a Controller.
A CORS policy describes allowed origins, accepted HTTP methods and headers, exposed response headers and other values used by browsers to manage XHR requests to a Conduit application.
Every Controller has a Controller.policy. By default, this value is defaultPolicy, which is quite permissive.
Modifications to policy for a specific Controller can be accomplished in the initializer of the controller.
Application-wide defaults can be managed by modifying defaultPolicy in a ApplicationChannel's constructor.
Constructors
- CORSPolicy()
- Create a new instance of CORSPolicy.
Properties
- allowCredentials ↔ bool
-
Whether or not to allow use of credentials, including Authorization and cookies.
getter/setter pair
-
allowedMethods
↔ List<
String> -
Which HTTP methods are allowed.
getter/setter pair
-
allowedOrigins
↔ List<
String> -
The list of case-sensitive allowed origins.
getter/setter pair
-
allowedRequestHeaders
↔ List<
String> -
The allowed request headers.
getter/setter pair
- cacheInSeconds ↔ int?
-
The number of seconds to cache a pre-flight request for a requesting client.
getter/setter pair
-
exposedResponseHeaders
↔ List<
String> -
Which response headers to expose to the client.
getter/setter pair
- hashCode → int
-
The hash code for this object.
no setterinherited
- runtimeType → Type
-
A representation of the runtime type of the object.
no setterinherited
Methods
-
headersForRequest(
Request request) → Map< String, dynamic> - Returns a map of HTTP headers for a request based on this policy.
-
isRequestOriginAllowed(
HttpRequest request) → bool -
Whether or not this policy allows the Origin of the
request. -
noSuchMethod(
Invocation invocation) → dynamic -
Invoked when a nonexistent method or property is accessed.
inherited
-
preflightResponse(
Request req) → Response - Returns a preflight response for a given Request.
-
toString(
) → String -
A string representation of this object.
inherited
-
validatePreflightRequest(
HttpRequest request) → bool - Validates whether or not a preflight request matches this policy.
Operators
-
operator ==(
Object other) → bool -
The equality operator.
inherited
Static Properties
- defaultPolicy → CORSPolicy
-
The default CORS policy.
no setter
Constants
-
simpleRequestHeaders
→ const List<
String> - List of 'Simple' CORS headers.
-
simpleResponseHeaders
→ const List<
String> - List of 'Simple' CORS Response headers.