tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ma...@apache.org
Subject svn commit: r1489738 - /tomcat/trunk/webapps/docs/config/filter.xml
Date Wed, 05 Jun 2013 08:21:19 GMT
Author: markt
Date: Wed Jun  5 08:21:18 2013
New Revision: 1489738

URL: http://svn.apache.org/r1489738
Log:
Documentation tweaks for CORS filter.
Patch provided by Mohit Soni.

Modified:
    tomcat/trunk/webapps/docs/config/filter.xml

Modified: tomcat/trunk/webapps/docs/config/filter.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/filter.xml?rev=1489738&r1=1489737&r2=1489738&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/config/filter.xml (original)
+++ tomcat/trunk/webapps/docs/config/filter.xml Wed Jun  5 08:21:18 2013
@@ -112,51 +112,51 @@
     <p>The minimal configuration required to use this filter is:</p>
     <source>
 &lt;filter&gt;
-  &lt;filter-name&gt;CORSFilter&lt;/filter-name&gt;
-  &lt;filter-class&gt;org.apache.catalina.filters.CORSFilter&lt;/filter-class&gt;
+  &lt;filter-name&gt;CorsFilter&lt;/filter-name&gt;
+  &lt;filter-class&gt;org.apache.catalina.filters.CorsFilter&lt;/filter-class&gt;
 &lt;/filter&gt;
 &lt;filter-mapping&gt;
-  &lt;filter-name>CORSFilter&lt;/filter-name&gt;
+  &lt;filter-name>CorsFilter&lt;/filter-name&gt;
   &lt;url-pattern>/*&lt;/url-pattern&gt;
 &lt;/filter-mapping&gt;
     </source>
   </subsection>
   <subsection name="Filter Class Name">
     <p>The filter class name for the CORS Filter is
-    <strong><code>org.apache.catalina.filters.CORSFilter</code></strong>.</p>
+    <strong><code>org.apache.catalina.filters.CorsFilter</code></strong>.</p>
   </subsection>
   <subsection name="Initialisation parameters">
     <p>The CORS Filter supports following initialisation parameters:</p>
     <attributes>
       <attribute name="cors.allowed.origins" required="false">
         <p>A list of <a href="http://tools.ietf.org/html/rfc6454">origins</a>
-        that are allowed to access the resource. A <code>'*'</code> can be
+        that are allowed to access the resource. A <code>*</code> can be
         specified to enable access to resource from any origin. Otherwise, a
-        whitelist of comma separated origins can be provided. Eg:
-        http://www.w3.org, https://www.apache.org.
+        whitelist of comma separated origins can be provided. Eg: <code>
+        http://www.w3.org, https://www.apache.org</code>.
         <strong>Defaults:</strong> <code>*</code> (Any origin is
allowed to
         access the resource).</p>
       </attribute>
       <attribute name="cors.allowed.methods" required="false">
         <p>A comma separated list of HTTP methods that can be used to access the
         resource, using cross-origin requests. These are the methods which will
-        also be included as part of 'Access-Control-Allow-Methods' header in a
-        pre-flight response. Eg: <code>GET,POST</code>.
-        <strong>Defaults:</strong> <code>GET,POST,HEAD,OPTIONS</code></p>
+        also be included as part of <code>Access-Control-Allow-Methods</code>

+        header in pre-flight response. Eg: <code>GET, POST</code>.
+        <strong>Defaults:</strong> <code>GET, POST, HEAD, OPTIONS</code></p>
       </attribute>
       <attribute name="cors.allowed.headers" required="false">
         <p>A comma separated list of request headers that can be used when
-        making an actual request. These header will also be returned as part of
-        <code>'Access-Control-Allow-Headers'</code> header in a pre-flight
+        making an actual request. These headers will also be returned as part 
+        of <code>Access-Control-Allow-Headers</code> header in a pre-flight
         response. Eg: <code>Origin,Accept</code>. <strong>Defaults:</strong>
         <code>Origin, Accept, X-Requested-With, Content-Type,
         Access-Control-Request-Method, Access-Control-Request-Headers</code></p>
       </attribute>
       <attribute name="cors.exposed.headers" required="false">
-        <p>A comma separated list of headers other than the simple response
-        headers that browsers are allowed to access. These are the headers which
-        will also be included as part of 'Access-Control-Expose-Headers' header
-        in the pre-flight response. Eg:
+        <p>A comma separated list of headers other than simple response headers
+        that browsers are allowed to access. These are the headers which will 
+        also be included as part of <code>Access-Control-Expose-Headers</code>

+        header in the pre-flight response. Eg:
         <code>X-CUSTOM-HEADER-PING,X-CUSTOM-HEADER-PONG</code>.
         <strong>Default:</strong> None. Non-simple headers are not exposed by
         default.</p>
@@ -164,15 +164,15 @@
       <attribute name="cors.preflight.maxage" required="false">
         <p>The amount of seconds, browser is allowed to cache the result of the
         pre-flight request. This will be included as part of
-        <code>'Access-Control-Max-Age'</code> header in the pre-flight response.
+        <code>Access-Control-Max-Age</code> header in the pre-flight response.
         A negative value will prevent CORS Filter from adding this response
-        header from pre-flight response. <strong>Defaults:</strong>
+        header to pre-flight response. <strong>Defaults:</strong>
         <code>1800</code></p>
       </attribute>
       <attribute name="cors.support.credentials" required="false">
         <p>A flag that indicates whether the resource supports user credentials.
         This flag is exposed as part of
-        <code>'Access-Control-Allow-Credentials'</code> header in a pre-flight
+        <code>Access-Control-Allow-Credentials</code> header in a pre-flight
         response. It helps browser determine whether or not an actual request
         can be made using credentials. <strong>Defaults:</strong>
         <code>true</code></p>
@@ -187,8 +187,8 @@
     defaults:</p>
     <source>
 &lt;filter&gt;
-  &lt;filter-name&gt;CORSFilter&lt;/filter-name&gt;
-  &lt;filter-class&gt;org.apache.catalina.filters.CORSFilter&lt;/filter-class&gt;
+  &lt;filter-name&gt;CorsFilter&lt;/filter-name&gt;
+  &lt;filter-class&gt;org.apache.catalina.filters.CorsFilter&lt;/filter-class&gt;
   &lt;init-param&gt;
     &lt;param-name&gt;cors.allowed.origins&lt;/param-name&gt;
     &lt;param-value&gt;*&lt;/param-value&gt;
@@ -215,21 +215,21 @@
   &lt;/init-param&gt;
 &lt;/filter&gt;
 &lt;filter-mapping&gt;
-  &lt;filter-name&gt;CORS Filter&lt;/filter-name&gt;
+  &lt;filter-name&gt;CorsFilter&lt;/filter-name&gt;
   &lt;url-pattern&gt;/*&lt;/url-pattern&gt;
 &lt;/filter-mapping&gt;
     </source>
   </subsection>
   <subsection name="CORS Filter and HttpServletRequest attributes">
-    <p>CORS Filter adds information about a request, in the HttpServletRequest
+    <p>CORS Filter adds information about the request, in HttpServletRequest
     object, for consumption downstream. Following attributes are set, if
     <code>cors.request.decorate</code> initialisation parameter is
     <code>true</code>:</p>
     <ul>
-      <li><strong>cors.isCorsRequest:</strong> Flag to determine if a request
is
+      <li><strong>cors.isCorsRequest:</strong> Flag to determine if request
is
           a CORS request.</li>
       <li><strong>cors.request.origin:</strong> The Origin URL, i.e. the
URL of
-          the page from where the request is originated.</li>
+          the page from where the request originated.</li>
       <li><strong>cors.request.type:</strong> Type of CORS request. Possible
           values:
         <ul>
@@ -244,8 +244,9 @@
         </ul>
       </li>
       <li><strong>cors.request.headers:</strong> Request headers sent as
-          'Access-Control-Request-Headers' header, for a pre-flight request.
-          </li>
+          <code>Access-Control-Request-Headers</code> header, for a pre-flight

+          request.
+      </li>
     </ul>
   </subsection>
 </section>



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message