diff --git a/spring-web/src/main/java/org/springframework/web/bind/annotation/CrossOrigin.java b/spring-web/src/main/java/org/springframework/web/bind/annotation/CrossOrigin.java index f48e1c7258..194f4be524 100644 --- a/spring-web/src/main/java/org/springframework/web/bind/annotation/CrossOrigin.java +++ b/spring-web/src/main/java/org/springframework/web/bind/annotation/CrossOrigin.java @@ -22,6 +22,8 @@ import java.lang.annotation.Retention; import java.lang.annotation.RetentionPolicy; import java.lang.annotation.Target; +import org.springframework.core.annotation.AliasFor; + /** * Marks the annotated method or type as permitting cross origin requests. * @@ -37,13 +39,21 @@ import java.lang.annotation.Target; @Documented public @interface CrossOrigin { + /** + * Alias for {@link #origin}. + */ + @AliasFor(attribute = "origin") + String[] value() default { "*" }; + /** * List of allowed origins. *

These values are placed in the {@code Access-Control-Allow-Origin} * header of both the pre-flight response and the actual response. *

Defaults to {@code "*"} which means that all origins are allowed. + * @see #value */ - String[] origin() default {"*"}; + @AliasFor(attribute = "value") + String[] origin() default { "*" }; /** * List of request headers that can be used during the actual request. @@ -52,7 +62,7 @@ public @interface CrossOrigin { *

Defaults to {@code "*"} which means that all headers requested * by the client are allowed. */ - String[] allowedHeaders() default {"*"}; + String[] allowedHeaders() default { "*" }; /** * List of response headers that the user-agent will allow the client to access. diff --git a/spring-webmvc/src/test/java/org/springframework/web/servlet/mvc/method/annotation/CrossOriginTests.java b/spring-webmvc/src/test/java/org/springframework/web/servlet/mvc/method/annotation/CrossOriginTests.java index 782832eb5e..145b84611d 100644 --- a/spring-webmvc/src/test/java/org/springframework/web/servlet/mvc/method/annotation/CrossOriginTests.java +++ b/spring-webmvc/src/test/java/org/springframework/web/servlet/mvc/method/annotation/CrossOriginTests.java @@ -17,6 +17,7 @@ package org.springframework.web.servlet.mvc.method.annotation; import java.lang.reflect.Method; +import java.util.Arrays; import org.junit.Before; import org.junit.Rule; @@ -128,7 +129,17 @@ public class CrossOriginTests { assertArrayEquals(new String[]{"header1", "header2"}, config.getAllowedHeaders().toArray()); assertArrayEquals(new String[]{"header3", "header4"}, config.getExposedHeaders().toArray()); assertEquals(new Long(123), config.getMaxAge()); - assertEquals(false, config.getAllowCredentials()); + assertFalse(config.getAllowCredentials()); + } + + @Test + public void customOriginDefinedViaValueAttribute() throws Exception { + this.handlerMapping.registerHandler(new MethodLevelController()); + this.request.setRequestURI("/customOrigin"); + CorsConfiguration config = getCorsConfiguration(this.handlerMapping.getHandler(request), false); + assertNotNull(config); + assertEquals(Arrays.asList("http://example.com"), config.getAllowedOrigins()); + assertTrue(config.getAllowCredentials()); } @Test @@ -279,6 +290,11 @@ public class CrossOriginTests { @RequestMapping(path = "/customized", method = { RequestMethod.GET, RequestMethod.POST }) public void customized() { } + + @CrossOrigin("http://example.com") + @RequestMapping("/customOrigin") + public void customOriginDefinedViaValueAttribute() { + } } @Controller