[aerogear-dev] Cross Domain Support for Aerogear.js
Bruno Oliveira
bruno at abstractj.org
Thu Dec 6 19:50:14 EST 2012
Hi Luke, CORS was recently added on aerogear controller.
Could we put pipeline and controller together?
- Bruno
On Dec 6, 2012, at 6:31 PM, Lucas Holmquist <lholmqui at redhat.com> wrote:
> can also be seen here https://gist.github.com/4227377
>
>
>
> This gist relates to AEROGEAR-534, https://issues.jboss.org/browse/AEROGEAR-534
>
> I created a node.js server that handles CORS and jsonp for my testing
>
> Cross Domain Support
>
> To do cross domain request, i've modified aerogear.js a bit.
>
> I've added a new settings variable, settings.crossdomain, that can be mixed. If set to true, it will default to CORS, to override to jsonp set settings.crossdomain.type = "jsonp"
>
> var pipeline = AeroGear.Pipeline();
>
> jsonp = pipeline.add( {
> name: "jsonp",
> settings: {
> baseURL: "http://localhost:8080",
> endpoint: "/",
> crossdomain: {
> type: "jsonp",
> jsonp: "jsonp" //this is optional and will default to callback, jquery default
> }
> }
> });
>
> cors = pipeline.add( {
> name: "cors",
> settings: {
> baseURL: "http://localhost:8080",
> endpoint: "/",
> crossdomain: true
> }
> });
> If the user wants to use CORS, settings.crossdomain = true, but there browser doesn't support CORS, then AeroGear.Ajax will fallback to jsonp
>
> CORS
>
> since IE9 doesn't use the same thing as the rest of the browser world, i add in a small lib,https://github.com/jaubourg/ajaxHooks, in the external/ actually just the xdr.js file
>
> Although i haven't actually tested that it works
>
> AeroGear.Ajax
>
> The majority of the changes happen in the AeroGear.Ajax function
>
> Here is the commit for this
>
> https://github.com/lholmquist/aerogear-js/commit/d3d3ecaac1d2648f37d66b46f7e776029b2a3517
>
> At the moment the only overridable options in the crossdomain object are jsonp related. I guess this would be the place to add CORS options, if we wanted to
>
> Interestingly enough, if you don't specify any of the new settings, CORS will work, if the server supports it, out of the box.
>
> This is my simple node.js server
>
> var express = require( "express" );
> var app = express();
>
> app.all( "/", function(request,response) {
>
> // When dealing with CORS (Cross-Origin Resource Sharing)
> // requests, the client should pass-through its origin (the
> // requesting domain). We should either echo that or use *
> // if the origin was not passed.
> var origin = (request.headers.origin || "*");
>
> // Check to see if this is a security check by the browser to
> // test the availability of the API for the client. If the
> // method is OPTIONS, the browser is check to see to see what
> // HTTP methods (and properties) have been granted to the
> // client.
> if (request.method.toUpperCase() === "OPTIONS"){
>
>
> // Echo back the Origin (calling domain) so that the
> // client is granted access to make subsequent requests
> // to the API.
> response.status( 204 );
> response.header(
> {
> "access-control-allow-origin": origin,
> "access-control-allow-methods": "GET, PUT, DELETE, OPTIONS",
> "access-control-allow-headers": "content-type, accept",
> "access-control-max-age": 10, // Seconds.
> "content-length": 0
> }
> );
> }
> // End the response - we're not sending back any content.
> response.status( 200 );
> response.header(
> {
> "access-control-allow-origin": origin,
> "content-type": "application/json"
> }
> );
> var callback = request.query.callback || request.query.jsonp;
> if( callback ) {
> response.send( callback + "({response:'stuff'})");
> } else {
> response.send( {response:'stuff'});
> }
>
>
> });
>
> app.listen( 8080 );
>
> // Debugging:
> console.log( "Node.js listening on port 8080" );
>
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/aerogear-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/aerogear-dev/attachments/20121206/0822ca31/attachment-0001.html
More information about the aerogear-dev
mailing list