Thanks dan,
On Dec 12, 2012, at 9:47 AM, Daniel Bevenius <daniel.bevenius(a)gmail.com> wrote:
To specify request header that are valid you can use the
validRequestHeaders method:
return CorsConfig.enableCorsSupport()
.anyOrigin()
.enableCookies()
.maxAge(20)
.enableAllRequestMethods()
.validRequestHeaders("header1, header2");
Is this how you modified you local aerogear-controller-demo?
i actually did this in the CorsConfig class. Should have know it was easier than
that
public CorsConfiguration build() {
validRequestHeaders.add("origin");
validRequestHeaders.add("accept");
validRequestHeaders.add("content-type");
if (validRequestMethods.isEmpty()) {
enableAllRequestMethods();
}
return new CorsConfig(this);
}
I'm not sure exaclty what is going on just by looking at the
request and the response. Let me try this out and see if I can figure it out.
cool, i just used python -m SimpleHTTPServer to run the html/js stuff
On 12 December 2012 15:26, Lucas Holmquist <lholmqui(a)redhat.com> wrote:
CORS with Aerogear.js and AG-Controller
from this
gist:https://gist.github.com/4268092
2 things.
So when using aerogear.js to make a cross domain call,
var pipeline = AeroGear.Pipeline();
cors = pipeline.add( {
name: "cors",
settings: {
baseURL: "http://localhost:8080/aerogear-controller-demo/",
endpoint: "login/"
}
});
pipeline.pipes.cors.read({
success: function( data, xhr, thing1 ) {
console.log( data );
},
error: function( error ) {
console.log( error );
}
});
the initial OPTIONS request looks similar to this. Request
URL:http://localhost:8080/aerogear-controller-demo/login/
Accept:*/*
Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Access-Control-Request-Headers:origin, content-type, accept
Access-Control-Request-Method:GET
Cache-Control:max-age=0
Connection:keep-alive
Host:localhost:8080
Origin:http://localhost:8000
Pragma:no-cache
Referer:http://localhost:8000/app/cors.html
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_2) AppleWebKit/537.11 (KHTML, like
Gecko) Chrome/23.0.1271.95 Safari/537.11
I just copy and pasted this from chrome dev tools.
Here is what the CORS config looks like in the controller demo, for those who don't
want to go look it up
@Produces
public CorsConfiguration demoConfig() {
return CorsConfig.enableCorsSupport()
.anyOrigin()
.enableCookies()
.maxAge(20)
.enableAllRequestMethods()
.build();
}
So the above request will fail since it has more headers than just "origin".
This brings me to my first question:
How do i specify more headers in this config object?, i guess in this case it would be
origin, content-type, and accept
Now to the second part
I modified my local aerogear-controller to add these other headers in by default, and
then ran the above request again.
This time i get the same OPTIONS request but then i get a cross domain error with the
follow up GET that the browser makes
Request URL:http://localhost:8080/aerogear-controller-demo/login/
Request Headersview source
Accept:application/json, text/javascript, */*; q=0.01
Cache-Control:no-cache
Content-Type:application/json
Origin:http://localhost:8000
Pragma:no-cache
Referer:http://localhost:8000/app/cors.html
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_2) AppleWebKit/537.11 (KHTML, like
Gecko) Chrome/23.0.1271.95 Safari/537.11
And i don't get any errors on the server log, so not really sure whats going on here
This is the repo i was using to play around with
https://github.com/lholmquist/WoWAerogear checkout the cors.html and cors.js page
-Luke
_______________________________________________
aerogear-dev mailing list
aerogear-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev
_______________________________________________
aerogear-dev mailing list
aerogear-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev