From f7fe09ecd9387159a30620c8823f8059f9ede684 Mon Sep 17 00:00:00 2001
From: dankito <git@dankito.net>
Date: Sat, 2 Jan 2021 22:47:28 +0100
Subject: [PATCH] Added CORS headers to response

---
 .../fints/rest/AccessControlResponseFilter.kt | 26 +++++++++++++++++++
 1 file changed, 26 insertions(+)
 create mode 100644 rest/fints4kRest/src/main/kotlin/net/dankito/banking/fints/rest/AccessControlResponseFilter.kt

diff --git a/rest/fints4kRest/src/main/kotlin/net/dankito/banking/fints/rest/AccessControlResponseFilter.kt b/rest/fints4kRest/src/main/kotlin/net/dankito/banking/fints/rest/AccessControlResponseFilter.kt
new file mode 100644
index 00000000..0a450ffd
--- /dev/null
+++ b/rest/fints4kRest/src/main/kotlin/net/dankito/banking/fints/rest/AccessControlResponseFilter.kt
@@ -0,0 +1,26 @@
+package net.dankito.banking.fints.rest
+
+import javax.annotation.Priority
+import javax.ws.rs.Priorities
+import javax.ws.rs.container.ContainerRequestContext
+import javax.ws.rs.container.ContainerResponseContext
+import javax.ws.rs.container.ContainerResponseFilter
+import javax.ws.rs.core.MultivaluedMap
+import javax.ws.rs.ext.Provider
+
+
+@Provider
+@Priority(Priorities.HEADER_DECORATOR)
+open class AccessControlResponseFilter : ContainerResponseFilter {
+
+
+    override fun filter(requestContext: ContainerRequestContext, responseContext: ContainerResponseContext) {
+        val headers: MultivaluedMap<String, Any> = responseContext.headers
+
+        headers.add("Access-Control-Allow-Origin", "*")
+        headers.add("Access-Control-Allow-Headers", "Authorization, Origin, X-Requested-With, Content-Type")
+        headers.add("Access-Control-Expose-Headers", "Location, Content-Disposition")
+        headers.add("Access-Control-Allow-Methods", "POST, PUT, GET, DELETE, HEAD, OPTIONS")
+    }
+
+}
\ No newline at end of file