@Override
public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException {
String origin = requestContext.getHeaderString(CorsHeaders.ORIGIN);
if (origin == null || requestContext.getProperty("cors.failure") != null) {
// don't do anything if origin is null, its an OPTIONS request, or cors.failure is set
return;
}
responseContext.getHeaders().putSingle(CorsHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, origin);
responseContext.getHeaders().putSingle(CorsHeaders.ACCESS_CONTROL_ALLOW_METHODS, "*");
StringBuilder allowHeaders = new StringBuilder();
MultivaluedMap<String, String> headers = requestContext.getHeaders();
for (String headerKey : headers.keySet()) {
allowHeaders.append(headerKey).append(",");
}
responseContext.getHeaders().putSingle(CorsHeaders.ACCESS_CONTROL_ALLOW_HEADERS, allowHeaders.toString());
if (allowCredentials) {
responseContext.getHeaders().putSingle(CorsHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
}
if (exposedHeaders != null) {
responseContext.getHeaders().putSingle(CorsHeaders.ACCESS_CONTROL_EXPOSE_HEADERS, exposedHeaders);
}
}