ff138895bbb419cbc8cf40e9a3716048f1cb528f,mockserver-war/src/main/java/org/mockserver/server/MockServerServlet.java,MockServerServlet,addCORSHeaders,#HttpServletResponse#,172
Before Change
private void addCORSHeaders(HttpServletResponse httpServletResponse) {
if (enableCORS()) {
httpServletResponse.setHeader("Access-Control-Allow-Origin", "*");
httpServletResponse.setHeader("Access-Control-Allow-Methods", "CONNECT, DELETE, GET, HEAD, OPTIONS, POST, PUT, TRACE");
httpServletResponse.setHeader("Access-Control-Allow-Headers", "Allow, Content-Encoding, Content-Length, Content-Type, ETag, Expires, Last-Modified, Location, Server, Vary");
httpServletResponse.setHeader("X-CORS", "MockServer CORS support enabled by default, to disable ConfigurationProperties.enableCORS(false) or -Dmockserver.disableCORS=false");
After Change
String methods = "CONNECT, DELETE, GET, HEAD, OPTIONS, POST, PUT, TRACE";
String headers = "Allow, Content-Encoding, Content-Length, Content-Type, ETag, Expires, Last-Modified, Location, Server, Vary";
if (httpServletResponse.getHeaders("Access-Control-Allow-Origin").isEmpty()) {
httpServletResponse.setHeader("Access-Control-Allow-Origin", "*");
}
if (httpServletResponse.getHeaders("Access-Control-Allow-Methods").isEmpty()) {
httpServletResponse.setHeader("Access-Control-Allow-Methods", methods);
}
if (httpServletResponse.getHeaders("Access-Control-Allow-Headers").isEmpty()) {
httpServletResponse.setHeader("Access-Control-Allow-Headers", headers);
}
if (httpServletResponse.getHeaders("Access-Control-Expose-Headers").isEmpty()) {
httpServletResponse.setHeader("Access-Control-Expose-Headers", headers);
}
if (httpServletResponse.getHeaders("Access-Control-Max-Age").isEmpty()) {
httpServletResponse.setHeader("Access-Control-Max-Age", "1");
}
if (httpServletResponse.getHeaders("X-CORS").isEmpty()) {
httpServletResponse.setHeader("X-CORS", "MockServer CORS support enabled by default, to disable ConfigurationProperties.enableCORSForAPI(false) or -Dmockserver.disableCORS=false");