[teiid-issues] [JBoss JIRA] (TEIID-5588) Please add support for earlyRequest feature which is for example used in the OpenUI5 library to enhance performance in single page apps

Steven Hawkins (Jira) issues at jboss.org
Thu Jan 24 15:34:00 EST 2019 

     [ https://issues.jboss.org/browse/TEIID-5588?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Steven Hawkins reassigned TEIID-5588:
-------------------------------------

      Component/s: OData
    Fix Version/s: Open To Community
         Assignee:     (was: Steven Hawkins)


> Please add support for earlyRequest feature which is for example used in the OpenUI5 library to enhance performance in single page apps
> ---------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: TEIID-5588
>                 URL: https://issues.jboss.org/browse/TEIID-5588
>             Project: Teiid
>          Issue Type: Enhancement
>          Components: OData
>    Affects Versions: 11.2.1
>            Reporter: Christoph John
>            Priority: Optional
>             Fix For: Open To Community
>
>
> As discussed in https://issues.jboss.org/browse/TEIID-5545 OpenUI5 implements a earlyRequest feature to preload metadata information from an odata v4 service. It would be great if support for this could be added to Teiid/Widlfly.
> Thomas Chadzelek, who I assume is a lead developer for the odata v4 model at SAP kindly provided the following information and offered his support in case further questions arise:
> The "earlyRequests" parameter is pretty simple. It will send GET requests for /$metadata and all annotation XML files (see parameter "annotationURI"). It will also send a HEAD request to with header "X-CSRF-Token" : "Fetch" in order to fetch the security token. If Teiid/Olingo does not implement CSRF protection by requiring such a header, there should be no need to properly answer the HEAD request at all. Else it would be nice to return the right CSRF token value in the response's headers.
> Please see Cross-Site Request Forgery Protection and Gateway protection against Cross-Site Request Forgery attacks for some background infos.
> For further questions you can contact him directly by joining the discussion at:
> https://github.com/SAP/openui5/issues/2288
> Thanks a lot. Let we know if I can support with testing.
> Best regards,
>  Christoph



--
This message was sent by Atlassian Jira
(v7.12.1#712002)

More information about the teiid-issues mailing list