diff --git a/spring-web/src/main/java/org/springframework/web/cors/CorsConfigurationSource.java b/spring-web/src/main/java/org/springframework/web/cors/CorsConfigurationSource.java index 2fc6d9ce41..48166caa19 100644 --- a/spring-web/src/main/java/org/springframework/web/cors/CorsConfigurationSource.java +++ b/spring-web/src/main/java/org/springframework/web/cors/CorsConfigurationSource.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2015 the original author or authors. + * Copyright 2002-2016 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -29,6 +29,7 @@ public interface CorsConfigurationSource { /** * Return a {@link CorsConfiguration} based on the incoming request. + * @return the associated {@link CorsConfiguration}, or {@code null} if none */ CorsConfiguration getCorsConfiguration(HttpServletRequest request); diff --git a/spring-web/src/main/java/org/springframework/web/filter/CorsFilter.java b/spring-web/src/main/java/org/springframework/web/filter/CorsFilter.java index 8079532e33..812deb0a20 100644 --- a/spring-web/src/main/java/org/springframework/web/filter/CorsFilter.java +++ b/spring-web/src/main/java/org/springframework/web/filter/CorsFilter.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2015 the original author or authors. + * Copyright 2002-2016 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -31,10 +31,10 @@ import org.springframework.web.cors.DefaultCorsProcessor; import org.springframework.web.cors.UrlBasedCorsConfigurationSource; /** - * {@link javax.servlet.Filter} that handles CORS preflight requests and intercepts CORS - * simple and actual requests thanks to a {@link CorsProcessor} implementation - * ({@link DefaultCorsProcessor} by default) in order to add the relevant CORS response - * headers (like {@code Access-Control-Allow-Origin}) using the provided + * {@link javax.servlet.Filter} that handles CORS preflight requests and intercepts + * CORS simple and actual requests thanks to a {@link CorsProcessor} implementation + * ({@link DefaultCorsProcessor} by default) in order to add the relevant CORS + * response headers (like {@code Access-Control-Allow-Origin}) using the provided * {@link CorsConfigurationSource} (for example an {@link UrlBasedCorsConfigurationSource} * instance. * @@ -52,20 +52,22 @@ import org.springframework.web.cors.UrlBasedCorsConfigurationSource; */ public class CorsFilter extends OncePerRequestFilter { - private CorsProcessor processor = new DefaultCorsProcessor(); - private final CorsConfigurationSource configSource; + private CorsProcessor processor = new DefaultCorsProcessor(); + /** - * Constructor accepting a {@link CorsConfigurationSource} used by the filter to find - * the {@link CorsConfiguration} to use for each incoming request. + * Constructor accepting a {@link CorsConfigurationSource} used by the filter + * to find the {@link CorsConfiguration} to use for each incoming request. * @see UrlBasedCorsConfigurationSource */ public CorsFilter(CorsConfigurationSource configSource) { + Assert.notNull(configSource, "CorsConfigurationSource must not be null"); this.configSource = configSource; } + /** * Configure a custom {@link CorsProcessor} to use to apply the matched * {@link CorsConfiguration} for a request. @@ -76,6 +78,7 @@ public class CorsFilter extends OncePerRequestFilter { this.processor = processor; } + @Override protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { @@ -89,6 +92,7 @@ public class CorsFilter extends OncePerRequestFilter { } } } + filterChain.doFilter(request, response); }