CorsFilter asserts presence of CorsConfigurationSource

8 years ago · 31aed61d15
parent 4432da3659
commit 31aed61d15
2 changed files with 15 additions and 10 deletions
--- a/spring-web/src/main/java/org/springframework/web/cors/CorsConfigurationSource.java
+++ b/spring-web/src/main/java/org/springframework/web/cors/CorsConfigurationSource.java
@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2015 the original author or authors.
+ * Copyright 2002-2016 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -29,6 +29,7 @@ public interface CorsConfigurationSource {

 	/**
 	 * Return a {@link CorsConfiguration} based on the incoming request.
+	 * @return the associated {@link CorsConfiguration}, or {@code null} if none
 	 */
 	CorsConfiguration getCorsConfiguration(HttpServletRequest request);

--- a/spring-web/src/main/java/org/springframework/web/filter/CorsFilter.java
+++ b/spring-web/src/main/java/org/springframework/web/filter/CorsFilter.java
@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2015 the original author or authors.
+ * Copyright 2002-2016 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -31,10 +31,10 @@ import org.springframework.web.cors.DefaultCorsProcessor;
 import org.springframework.web.cors.UrlBasedCorsConfigurationSource;

 /**
- * {@link javax.servlet.Filter} that handles CORS preflight requests and intercepts CORS
- * simple and actual requests thanks to a {@link CorsProcessor} implementation
- * ({@link DefaultCorsProcessor} by default) in order to add the relevant CORS response
- * headers (like {@code Access-Control-Allow-Origin}) using the provided
+ * {@link javax.servlet.Filter} that handles CORS preflight requests and intercepts
+ * CORS simple and actual requests thanks to a {@link CorsProcessor} implementation
+ * ({@link DefaultCorsProcessor} by default) in order to add the relevant CORS
+ * response headers (like {@code Access-Control-Allow-Origin}) using the provided
 * {@link CorsConfigurationSource} (for example an {@link UrlBasedCorsConfigurationSource}
 * instance.
 *
@ -52,20 +52,22 @@ import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
 */
 public class CorsFilter extends OncePerRequestFilter {

-	private CorsProcessor processor = new DefaultCorsProcessor();
-
 	private final CorsConfigurationSource configSource;

+	private CorsProcessor processor = new DefaultCorsProcessor();
+

 	/**
-	 * Constructor accepting a {@link CorsConfigurationSource} used by the filter to find
-	 * the {@link CorsConfiguration} to use for each incoming request.
+	 * Constructor accepting a {@link CorsConfigurationSource} used by the filter
+	 * to find the {@link CorsConfiguration} to use for each incoming request.
 	 * @see UrlBasedCorsConfigurationSource
 	 */
 	public CorsFilter(CorsConfigurationSource configSource) {
+		Assert.notNull(configSource, "CorsConfigurationSource must not be null");
 		this.configSource = configSource;
 	}

+
 	/**
 	 * Configure a custom {@link CorsProcessor} to use to apply the matched
 	 * {@link CorsConfiguration} for a request.
@ -76,6 +78,7 @@ public class CorsFilter extends OncePerRequestFilter {
 		this.processor = processor;
 	}

+
 	@Override
 	protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
 			FilterChain filterChain) throws ServletException, IOException {
@ -89,6 +92,7 @@ public class CorsFilter extends OncePerRequestFilter {
 				}
 			}
 		}
+
 		filterChain.doFilter(request, response);
 	}