[aerogear-dev] AG-Controller and Aerogear.js CORS interaction

Lucas Holmquist lholmqui at redhat.com
Tue Dec 18 09:44:48 EST 2012 

I'm not sure if this is possible yet, but i'm trying to do a POST to the aerogear-controller-demo from our js libs

$( function() {
var pipeline = AeroGear.Pipeline(
    {
        name: "controllerPipe",
        settings: {
            baseURL: "http://localhost:8080/aerogear-controller-demo",
            endpoint: "/cars"
        }
    }
);

var controllerPipe = pipeline.pipes.controllerPipe;

controllerPipe.save(
    {
        color: "black",
        brand: "bmw"
    },
    {
    success: function( data ) {
        console.log( data );
    },
    error: function( error ) {
        console.log( error );
    }
});
});
Which should hit this route, it's modified to return the object as JSON, like i needed for the GET request

route()
  .from("/cars")
  .on(RequestMethod.POST)
  .produces(MediaType.JSON.toString())
  .to(Home.class).save(param(Car.class));
This is the request info from chrome dev tools

Request URL:http://localhost:8080/aerogear-controller-demo/cars
Request Method:POST
Status Code:200 OK
Request Headersview source
Accept:application/json, text/javascript, */*; q=0.01
Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3  
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Cache-Control:no-cache
Connection:keep-alive
Content-Length:31
Content-Type:application/json
Host:localhost:8080
Origin:http://localhost:3501
Pragma:no-cache
Referer:http://localhost:3501/
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_2) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.97 Safari/537.11

Request Payload
{"color":"black","brand":"bmw"}
Everything returns ok, but it returns null.

I noticed that in aerogear-controller, in DefaultRouteProcessor.java in the extractParameters method

Map<String, String[]> parameterMap = request.getParameterMap();
which would be blank since the values are in the request body

I'm guessing that it has something to do with the "Consume" functionality that is not yet there?

Just wanted to see if i was doing something wrong


-Luke

On Dec 12, 2012, at 10:49 AM, Lucas Holmquist <lholmqui at redhat.com> wrote:

> 
> 
> 
> On Dec 12, 2012, at 10:37 AM, Lucas Holmquist <lholmqui at redhat.com> wrote:
> 
>> 
>> On Dec 12, 2012, at 10:13 AM, Daniel Bevenius <daniel.bevenius at gmail.com> wrote:
>> 
>>> I think the issue here it that the request is being denied by the server as the media type specified in the Accept Header is not supported by the route. To fix this one would have to specify that the route in question produces json:
>>> route()
>>>         .from("/cars")
>>>         .on(RequestMethod.GET)
>>>         .produces(MediaType.JSON.toString())
>>>         .to(Home.class).anotherPage();
>>> We have overloaded the producers method to also take only the enum MediaType, but this has not made it upstream yet. I know this looks a little ugly :(
>>> 
>>> If you try this and updated scripts/cors.js and change the endpoint to "cars" this should return:
>>> Object {color: "silver", brand: "delorean"} 
>>> 
>>> 
>> 
>> 
> 
>> Modified this route, and was successful
>> 
>> route()
>>     .from("/delorean")
>>     .on(RequestMethod.GET).produces(MediaType.JSON.toString())
>>     .to(Home.class).anotherPage();
> 
> 
> 
> Issue was on my end for this one,  so we are all good
>> Kept getting the same error with this one though
>> 
>> route()
>>     .from("/cars")
>>     .on(RequestMethod.GET)
>>     .produces(MediaType.JSON.toString())
>>     .to(Home.class).anotherPage();
>> 
>> I should be good enough now for a blog post
>> 
>> thanks
>> 
>> 
>>> 
>>> On 12 December 2012 15:50, Lucas Holmquist <lholmqui at redhat.com> wrote:
>>> Thanks dan,
>>> 
>>> On Dec 12, 2012, at 9:47 AM, Daniel Bevenius <daniel.bevenius at gmail.com> wrote:
>>> 
>>>> To specify request header that are valid you can use the validRequestHeaders method:
>>>> 
>>>> return CorsConfig.enableCorsSupport()
>>>>                 .anyOrigin()
>>>>                 .enableCookies()
>>>>                 .maxAge(20)
>>>>                 .enableAllRequestMethods()
>>>>                 .validRequestHeaders("header1, header2");
>>>> Is this how you modified you local aerogear-controller-demo?
>>>> 
>>>> 
>>> 
>>> i actually did this in the CorsConfig class.  Should have know it was easier than that
>>> 
>>>      public CorsConfiguration build() {
>>>             validRequestHeaders.add("origin");
>>>             validRequestHeaders.add("accept");
>>>             validRequestHeaders.add("content-type");
>>>             if (validRequestMethods.isEmpty()) {
>>>                 enableAllRequestMethods();
>>>             }
>>>             return new CorsConfig(this);
>>>         }
>>> 
>>> 
>>>> I'm not sure exaclty what is going on just by looking at the request and the response. Let me try this out and see if I can figure it out.
>>>> 
>>>> 
>>> 
>>> cool,  i just used python -m SimpleHTTPServer to run the html/js stuff
>>> 
>>>> 
>>>> 
>>>> On 12 December 2012 15:26, Lucas Holmquist <lholmqui at redhat.com> wrote:
>>>> CORS with Aerogear.js and AG-Controller
>>>> 
>>>> from this gist:https://gist.github.com/4268092
>>>> 
>>>> 2 things.
>>>> 
>>>> So when using aerogear.js to make a cross domain call,
>>>> 
>>>> var pipeline = AeroGear.Pipeline();
>>>>         cors = pipeline.add( {
>>>>             name: "cors",
>>>>             settings: {
>>>>                 baseURL: "http://localhost:8080/aerogear-controller-demo/",
>>>>                 endpoint: "login/"
>>>>             }
>>>>         });
>>>> 
>>>>         pipeline.pipes.cors.read({
>>>>             success: function( data, xhr, thing1 ) {
>>>>                 console.log( data );
>>>>             },
>>>>             error: function( error ) {
>>>>                 console.log( error );
>>>>             }
>>>>         });
>>>> the initial OPTIONS request looks similar to this. Request URL:http://localhost:8080/aerogear-controller-demo/login/
>>>> 
>>>> Accept:*/*
>>>> Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3
>>>> Accept-Encoding:gzip,deflate,sdch
>>>> Accept-Language:en-US,en;q=0.8
>>>> Access-Control-Request-Headers:origin, content-type, accept
>>>> Access-Control-Request-Method:GET
>>>> Cache-Control:max-age=0
>>>> Connection:keep-alive
>>>> Host:localhost:8080
>>>> Origin:http://localhost:8000
>>>> Pragma:no-cache
>>>> Referer:http://localhost:8000/app/cors.html
>>>> User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_2) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.95 Safari/537.11
>>>> I just copy and pasted this from chrome dev tools.
>>>> 
>>>> Here is what the CORS config looks like in the controller demo, for those who don't want to go look it up
>>>> 
>>>> @Produces
>>>> public CorsConfiguration demoConfig() {
>>>>     return CorsConfig.enableCorsSupport()
>>>>             .anyOrigin()
>>>>             .enableCookies()
>>>>             .maxAge(20)
>>>>             .enableAllRequestMethods()
>>>>             .build();
>>>> }
>>>> So the above request will fail since it has more headers than just "origin". This brings me to my first question:
>>>> 
>>>> How do i specify more headers in this config object?, i guess in this case it would be origin, content-type, and accept
>>>> 
>>>> Now to the second part
>>>> 
>>>> I modified my local aerogear-controller to add these other headers in by default, and then ran the above request again.
>>>> 
>>>> This time i get the same OPTIONS request but then i get a cross domain error with the follow up GET that the browser makes
>>>> 
>>>> Request URL:http://localhost:8080/aerogear-controller-demo/login/
>>>> 
>>>> Request Headersview source
>>>> Accept:application/json, text/javascript, */*; q=0.01
>>>> Cache-Control:no-cache
>>>> Content-Type:application/json
>>>> Origin:http://localhost:8000
>>>> Pragma:no-cache
>>>> Referer:http://localhost:8000/app/cors.html
>>>> User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_2) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.95 Safari/537.11
>>>> And i don't get any errors on the server log, so not really sure whats going on here
>>>> 
>>>> This is the repo i was using to play around with https://github.com/lholmquist/WoWAerogear checkout the cors.html and cors.js page
>>>> 
>>>> 
>>>> -Luke
>>>> 
>>>> _______________________________________________
>>>> aerogear-dev mailing list
>>>> aerogear-dev at lists.jboss.org
>>>> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>>>> 
>>>> 
>>>> _______________________________________________
>>>> aerogear-dev mailing list
>>>> aerogear-dev at lists.jboss.org
>>>> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>>> 
>>> 
>>> _______________________________________________
>>> aerogear-dev mailing list
>>> aerogear-dev at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>>> 
>>> 
>>> _______________________________________________
>>> aerogear-dev mailing list
>>> aerogear-dev at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>> 
>> _______________________________________________
>> aerogear-dev mailing list
>> aerogear-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/aerogear-dev
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/aerogear-dev/attachments/20121218/11bcd118/attachment-0001.html

More information about the aerogear-dev mailing list