add @EnableCORS annotation support

src/main/java/com/jfinal/ext/cors/CORSInterceptor.java

@@ -0,0 +1,94 @@
+/**
+ * Copyright (c) 2011-2019, James Zhan 詹波 (jfinal@126.com).
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.jfinal.ext.cors;
+
+import com.jfinal.aop.Interceptor;
+import com.jfinal.aop.Invocation;
+import com.jfinal.kit.StrKit;
+
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * @author Michael Yang 杨福海 （fuhai999@gmail.com）
+ * @Title: CORS 处理相关 拦截器
+ */
+public class CORSInterceptor implements Interceptor {
+
+    private static final String METHOD_OPTIONS = "OPTIONS";
+
+    @Override
+    public void intercept(Invocation inv) {
+
+        EnableCORS enableCORS = getAnnotation(inv);
+        
+        if (enableCORS == null) {
+            inv.invoke();
+            return;
+        }
+
+        doConfigCORS(inv, enableCORS);
+
+        String method = inv.getController().getRequest().getMethod();
+        if (METHOD_OPTIONS.equals(method)) {
+            inv.getController().renderText("");
+        } else {
+            inv.invoke();
+        }
+    }
+    
+    private EnableCORS getAnnotation(Invocation inv) {
+    	 EnableCORS enableCORS = inv.getMethod().getAnnotation(EnableCORS.class);
+    	 return enableCORS != null ? enableCORS : inv.getController().getClass().getAnnotation(EnableCORS.class);
+    }
+
+    private void doConfigCORS(Invocation inv, EnableCORS enableCORS) {
+
+        HttpServletResponse response = inv.getController().getResponse();
+
+        String allowOrigin = enableCORS.allowOrigin();
+        String allowCredentials = enableCORS.allowCredentials();
+        String allowHeaders = enableCORS.allowHeaders();
+        String allowMethods = enableCORS.allowMethods();
+        String exposeHeaders = enableCORS.exposeHeaders();
+        String requestHeaders = enableCORS.requestHeaders();
+        String requestMethod = enableCORS.requestMethod();
+        String origin = enableCORS.origin();
+        String maxAge = enableCORS.maxAge();
+
+        response.setHeader("Access-Control-Allow-Origin", allowOrigin);
+        response.setHeader("Access-Control-Allow-Methods", allowMethods);
+        response.setHeader("Access-Control-Allow-Headers", allowHeaders);
+        response.setHeader("Access-Control-Max-Age", maxAge);
+        response.setHeader("Access-Control-Allow-Credentials", allowCredentials);
+
+        if (StrKit.notBlank(exposeHeaders)) {
+            response.setHeader("Access-Control-Expose-Headers", exposeHeaders);
+        }
+
+        if (StrKit.notBlank(requestHeaders)) {
+            response.setHeader("Access-Control-Request-Headers", requestHeaders);
+        }
+
+        if (StrKit.notBlank(requestMethod)) {
+            response.setHeader("Access-Control-Request-Method", requestMethod);
+        }
+
+        if (StrKit.notBlank(origin)) {
+            response.setHeader("Origin", origin);
+        }
+
+    }
+}

src/main/java/com/jfinal/ext/cors/EnableCORS.java

@@ -0,0 +1,47 @@
+/**
+ * Copyright (c) 2011-2019, James Zhan 詹波 (jfinal@126.com).
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.jfinal.ext.cors;
+
+import java.lang.annotation.*;
+
+/**
+ * @author Michael Yang 杨福海 （fuhai999@gmail.com）
+ * @version V1.0
+ * detail : https://developer.mozilla.org/en-US/docs/Glossary/CORS
+ */
+@Inherited
+@Retention(RetentionPolicy.RUNTIME)
+@Target({ElementType.METHOD, ElementType.TYPE})
+public @interface EnableCORS {
+
+    String allowOrigin() default "*";
+
+    String allowCredentials() default "true";
+
+    String allowHeaders() default "Origin,X-Requested-With,Content-Type,Accept,Authorization,Jwt";
+
+    String allowMethods() default "GET,PUT,POST,DELETE,PATCH,OPTIONS";
+
+    String exposeHeaders() default "";
+
+    String requestHeaders() default "";
+
+    String requestMethod() default "";
+
+    String origin() default "";
+
+    String maxAge() default "3600";
+}