Change semantics of @CrossOrigin's maxAge regarding negative values

10 years ago · f0c0813011
2 changed files with 3 additions and 2 deletions
--- a/spring-web/src/main/java/org/springframework/web/bind/annotation/CrossOrigin.java
+++ b/spring-web/src/main/java/org/springframework/web/bind/annotation/CrossOrigin.java
@ -84,7 +84,7 @@ public @interface CrossOrigin {
				@@ -84,7 +84,7 @@ public @interface CrossOrigin {
 	 * The maximum age (in seconds) of the cache duration for pre-flight responses.
 	 * <p>This property controls the value of the {@code Access-Control-Max-Age}
 	 * header in the pre-flight response.
-	 * <p>A value of {@code -1} means <em>undefined</em>.
+	 * <p>A negative value means <em>undefined</em>.
 	 * <p>Setting this to a reasonable value can reduce the number of pre-flight
 	 * request/response interactions required by the browser.
 	 * <p>Defaults to {@code 1800} seconds (i.e., 30 minutes).
--- a/spring-webmvc/src/main/java/org/springframework/web/servlet/mvc/method/annotation/RequestMappingHandlerMapping.java
+++ b/spring-webmvc/src/main/java/org/springframework/web/servlet/mvc/method/annotation/RequestMappingHandlerMapping.java
@ -340,7 +340,8 @@ public class RequestMappingHandlerMapping extends RequestMappingInfoHandlerMappi
				@@ -340,7 +340,8 @@ public class RequestMappingHandlerMapping extends RequestMappingInfoHandlerMappi
 			throw new IllegalStateException("@CrossOrigin's allowCredentials value must be \"true\", \"false\", "
 					+ "or an empty string (\"\"); current value is [" + allowCredentials + "].");
 		}
-		if (annotation.maxAge() != -1 && config.getMaxAge() == null) {
+
+		if ((annotation.maxAge() >= 0) && (config.getMaxAge() == null)) {
 			config.setMaxAge(annotation.maxAge());
 		}
 	}