[aerogear-dev] AG-Controller and Aerogear.js CORS interaction

Lucas Holmquist lholmqui at redhat.com
Wed Dec 12 10:49:09 EST 2012 



On Dec 12, 2012, at 10:37 AM, Lucas Holmquist <lholmqui at redhat.com> wrote:

> 
> On Dec 12, 2012, at 10:13 AM, Daniel Bevenius <daniel.bevenius at gmail.com> wrote:
> 
>> I think the issue here it that the request is being denied by the server as the media type specified in the Accept Header is not supported by the route. To fix this one would have to specify that the route in question produces json:
>> route()
>>         .from("/cars")
>>         .on(RequestMethod.GET)
>>         .produces(MediaType.JSON.toString())
>>         .to(Home.class).anotherPage();
>> We have overloaded the producers method to also take only the enum MediaType, but this has not made it upstream yet. I know this looks a little ugly :(
>> 
>> If you try this and updated scripts/cors.js and change the endpoint to "cars" this should return:
>> Object {color: "silver", brand: "delorean"} 
>> 
>> 
> 
> 

> Modified this route, and was successful
> 
> route()
>     .from("/delorean")
>     .on(RequestMethod.GET).produces(MediaType.JSON.toString())
>     .to(Home.class).anotherPage();



Issue was on my end for this one,  so we are all good
> Kept getting the same error with this one though
> 
> route()
>     .from("/cars")
>     .on(RequestMethod.GET)
>     .produces(MediaType.JSON.toString())
>     .to(Home.class).anotherPage();
> 
> I should be good enough now for a blog post
> 
> thanks
> 
> 
>> 
>> On 12 December 2012 15:50, Lucas Holmquist <lholmqui at redhat.com> wrote:
>> Thanks dan,
>> 
>> On Dec 12, 2012, at 9:47 AM, Daniel Bevenius <daniel.bevenius at gmail.com> wrote:
>> 
>>> To specify request header that are valid you can use the validRequestHeaders method:
>>> 
>>> return CorsConfig.enableCorsSupport()
>>>                 .anyOrigin()
>>>                 .enableCookies()
>>>                 .maxAge(20)
>>>                 .enableAllRequestMethods()
>>>                 .validRequestHeaders("header1, header2");
>>> Is this how you modified you local aerogear-controller-demo?
>>> 
>>> 
>> 
>> i actually did this in the CorsConfig class.  Should have know it was easier than that
>> 
>>      public CorsConfiguration build() {
>>             validRequestHeaders.add("origin");
>>             validRequestHeaders.add("accept");
>>             validRequestHeaders.add("content-type");
>>             if (validRequestMethods.isEmpty()) {
>>                 enableAllRequestMethods();
>>             }
>>             return new CorsConfig(this);
>>         }
>> 
>> 
>>> I'm not sure exaclty what is going on just by looking at the request and the response. Let me try this out and see if I can figure it out.
>>> 
>>> 
>> 
>> cool,  i just used python -m SimpleHTTPServer to run the html/js stuff
>> 
>>> 
>>> 
>>> On 12 December 2012 15:26, Lucas Holmquist <lholmqui at redhat.com> wrote:
>>> CORS with Aerogear.js and AG-Controller
>>> 
>>> from this gist:https://gist.github.com/4268092
>>> 
>>> 2 things.
>>> 
>>> So when using aerogear.js to make a cross domain call,
>>> 
>>> var pipeline = AeroGear.Pipeline();
>>>         cors = pipeline.add( {
>>>             name: "cors",
>>>             settings: {
>>>                 baseURL: "http://localhost:8080/aerogear-controller-demo/",
>>>                 endpoint: "login/"
>>>             }
>>>         });
>>> 
>>>         pipeline.pipes.cors.read({
>>>             success: function( data, xhr, thing1 ) {
>>>                 console.log( data );
>>>             },
>>>             error: function( error ) {
>>>                 console.log( error );
>>>             }
>>>         });
>>> the initial OPTIONS request looks similar to this. Request URL:http://localhost:8080/aerogear-controller-demo/login/
>>> 
>>> Accept:*/*
>>> Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3
>>> Accept-Encoding:gzip,deflate,sdch
>>> Accept-Language:en-US,en;q=0.8
>>> Access-Control-Request-Headers:origin, content-type, accept
>>> Access-Control-Request-Method:GET
>>> Cache-Control:max-age=0
>>> Connection:keep-alive
>>> Host:localhost:8080
>>> Origin:http://localhost:8000
>>> Pragma:no-cache
>>> Referer:http://localhost:8000/app/cors.html
>>> User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_2) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.95 Safari/537.11
>>> I just copy and pasted this from chrome dev tools.
>>> 
>>> Here is what the CORS config looks like in the controller demo, for those who don't want to go look it up
>>> 
>>> @Produces
>>> public CorsConfiguration demoConfig() {
>>>     return CorsConfig.enableCorsSupport()
>>>             .anyOrigin()
>>>             .enableCookies()
>>>             .maxAge(20)
>>>             .enableAllRequestMethods()
>>>             .build();
>>> }
>>> So the above request will fail since it has more headers than just "origin". This brings me to my first question:
>>> 
>>> How do i specify more headers in this config object?, i guess in this case it would be origin, content-type, and accept
>>> 
>>> Now to the second part
>>> 
>>> I modified my local aerogear-controller to add these other headers in by default, and then ran the above request again.
>>> 
>>> This time i get the same OPTIONS request but then i get a cross domain error with the follow up GET that the browser makes
>>> 
>>> Request URL:http://localhost:8080/aerogear-controller-demo/login/
>>> 
>>> Request Headersview source
>>> Accept:application/json, text/javascript, */*; q=0.01
>>> Cache-Control:no-cache
>>> Content-Type:application/json
>>> Origin:http://localhost:8000
>>> Pragma:no-cache
>>> Referer:http://localhost:8000/app/cors.html
>>> User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_2) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.95 Safari/537.11
>>> And i don't get any errors on the server log, so not really sure whats going on here
>>> 
>>> This is the repo i was using to play around with https://github.com/lholmquist/WoWAerogear checkout the cors.html and cors.js page
>>> 
>>> 
>>> -Luke
>>> 
>>> _______________________________________________
>>> aerogear-dev mailing list
>>> aerogear-dev at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>>> 
>>> 
>>> _______________________________________________
>>> aerogear-dev mailing list
>>> aerogear-dev at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>> 
>> 
>> _______________________________________________
>> aerogear-dev mailing list
>> aerogear-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>> 
>> 
>> _______________________________________________
>> aerogear-dev mailing list
>> aerogear-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/aerogear-dev
> 
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/aerogear-dev

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/aerogear-dev/attachments/20121212/aa48f924/attachment-0001.html

More information about the aerogear-dev mailing list