CorsComposition.java

package compositions;

import play.libs.F;
import play.mvc.Action;
import play.mvc.Http.Response;
import play.mvc.Http.Context;
import play.mvc.Result;
import play.mvc.With;

import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;

public class CorsComposition {

  @With(CorsAction.class)
  @Target({ElementType.TYPE, ElementType.METHOD})
  @Retention(RetentionPolicy.RUNTIME)
  public @interface Cors {
    String value() default "*";
  }

  public static class CorsAction extends Action<Cors>{
    public F.Promise<Result> call(Context context) throws Throwable {
      Response response = context.response();
      response.setHeader("Access-Control-Allow-Origin",configuration.value());

      if ( context.request().method().equals("OPTIONS")) {
        response.setHeader("Access-Control-Allow-Methods","POST, DELETE");
        response.setHeader("Access-Control-Max-Age","3600");
        response.setHeader("Access-Control-Allow-Headers","Origin, X-Requested-With, Content-Type, Accept, Authorization, Call-Origin");

        return F.Promise.pure((Result)ok());
      }
      response.setHeader("Access-Control-Allow-Headers","X-Requested-With");
      return delegate.call(context);
    }
  }

}