<p dir="ltr">Okay,</p>
<p dir="ltr">Alex could you provide us with a small example (js) that reproduces this?</p>
<p dir="ltr">Cheers,<br>
Thomas </p>
<br><div class="gmail_quote"><div dir="ltr">Stian Thorgersen <<a href="mailto:sthorger@redhat.com">sthorger@redhat.com</a>> schrieb am Mi., 18. Mai 2016, 14:06:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Maybe, not 100% sure though</div><div class="gmail_extra"><br><div class="gmail_quote">On 18 May 2016 at 11:21, Thomas Darimont <span dir="ltr"><<a href="mailto:thomas.darimont@googlemail.com" target="_blank">thomas.darimont@googlemail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hello,<div><br></div><div><div>Would it be enough to add .exposedHeaders("Location") where the CORS headers are configured like: org.keycloak.services.resources.admin.AdminRoot#getRealmsAdmin?</div><div><a href="https://github.com/keycloak/keycloak/blob/92db7b3618852d953e5b53482668c3ff2a0bb057/services/src/main/java/org/keycloak/services/resources/admin/AdminRoot.java#L212" target="_blank">https://github.com/keycloak/keycloak/blob/92db7b3618852d953e5b53482668c3ff2a0bb057/services/src/main/java/org/keycloak/services/resources/admin/AdminRoot.java#L212</a></div></div><div><br></div><div>Cheers,</div><div>Thomas</div></div><div><div><div class="gmail_extra"><br><div class="gmail_quote">2016-05-18 8:45 GMT+02:00 Stian Thorgersen <span dir="ltr"><<a href="mailto:sthorger@redhat.com" target="_blank">sthorger@redhat.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Permitting the Location header has to be changed in the admin endpoints on the Keycloak server side. Adding those properties to keycloak.json only control CORS headers for services in your own application.<div><br></div><div>Please create a JIRA issue for this, you can mark it as a bug as the admin endpoints should support CORS.</div></div><div class="gmail_extra"><br><div class="gmail_quote"><div><div>On 16 May 2016 at 23:58, Alex Gouvêa Vasconcelos <span dir="ltr"><<a href="mailto:alexgv99@gmail.com" target="_blank">alexgv99@gmail.com</a>></span> wrote:<br></div></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div><div dir="ltr"><div class="gmail_default"><div class="gmail_default"><font color="#073763" face="verdana, sans-serif">I'm trying to follow the link obtained in a 201 (user created) in the Keycloak API but I can't access the "location" header which should be returned in the response...</font></div><div class="gmail_default"><font color="#073763" face="verdana, sans-serif"><br></font></div><div class="gmail_default"><font color="#073763" face="verdana, sans-serif">$http.post(url, user)</font></div><div class="gmail_default"><font color="#073763" face="verdana, sans-serif">.then(</font></div><div class="gmail_default"><font color="#073763" face="verdana, sans-serif"> function(response) { console.log(response.headers()); }, </font></div><div class="gmail_default"><font color="#073763" face="verdana, sans-serif"> function(error) {}</font></div><div class="gmail_default"><font color="#073763" face="verdana, sans-serif">)</font></div><div class="gmail_default"><font color="#073763" face="verdana, sans-serif"><br></font></div><div class="gmail_default"><font color="#073763" face="verdana, sans-serif">The whole response.header() collection is empty... yet, the chrome developer console shows the url to the new resource...</font></div><div class="gmail_default"><font color="#073763" face="verdana, sans-serif"><br></font></div><div class="gmail_default"><font color="#073763" face="verdana, sans-serif">I think, maybe this is related to the problem described here (<a href="http://www.aaron-powell.com/posts/2013-11-28-accessing-location-header-in-cors-response.html" target="_blank">http://www.aaron-powell.com/posts/2013-11-28-accessing-location-header-in-cors-response.html</a>), but I have tryed to add the following lines to my keycloak.json and yet no success:</font></div><div class="gmail_default"><font color="#073763" face="verdana, sans-serif"> "enable-cors": true,</font></div><div class="gmail_default"><font color="#073763" face="verdana, sans-serif"> "cors-allowed-headers": "Location"</font></div><div class="gmail_default"><font color="#073763" face="verdana, sans-serif"><br></font></div><div class="gmail_default"><font color="#073763" face="verdana, sans-serif">Could anyone help me with that issue?</font></div><div class="gmail_default"><font color="#073763" face="verdana, sans-serif"><br></font></div><div class="gmail_default"><font color="#073763" face="verdana, sans-serif">Regards.</font></div><span><font color="#888888"><div class="gmail_default"><font color="#073763" face="verdana, sans-serif">Alex Gouvêa Vasconcelos</font></div><div class="gmail_default"><br></div></font></span></div>
</div>
<br></div></div>_______________________________________________<br>
keycloak-dev mailing list<br>
<a href="mailto:keycloak-dev@lists.jboss.org" target="_blank">keycloak-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-dev" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a><br></blockquote></div><br></div>
<br>_______________________________________________<br>
keycloak-dev mailing list<br>
<a href="mailto:keycloak-dev@lists.jboss.org" target="_blank">keycloak-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-dev" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a><br></blockquote></div><br></div>
</div></div></blockquote></div><br></div>
</blockquote></div>