from this gist:https://gist.github.com/4268092
2 things.
So when using aerogear.js to make a cross domain call,
var pipeline = AeroGear.Pipeline();
cors = pipeline.add( {
name: "cors",
settings: {
baseURL: "http://localhost:8080/aerogear-controller-demo/",
endpoint: "login/"
}
});
pipeline.pipes.cors.read({
success: function( data, xhr, thing1 ) {
console.log( data );
},
error: function( error ) {
console.log( error );
}
});
the initial OPTIONS request looks similar to this. Request URL:http://localhost:8080/aerogear-controller-demo/login/
Accept:*/*
Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Access-Control-Request-Headers:origin, content-type, accept
Access-Control-Request-Method:GET
Cache-Control:max-age=0
Connection:keep-alive
Host:localhost:8080
Origin:http://localhost:8000
Pragma:no-cache
Referer:http://localhost:8000/app/cors.html
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_2) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.95 Safari/537.11
I just copy and pasted this from chrome dev tools.
Here is what the CORS config looks like in the controller demo, for those who don't want to go look it up
@Produces
public CorsConfiguration demoConfig() {
return CorsConfig.enableCorsSupport()
.anyOrigin()
.enableCookies()
.maxAge(20)
.enableAllRequestMethods()
.build();
}
So the above request will fail since it has more headers than just "origin". This brings me to my first question:
How do i specify more headers in this config object?, i guess in this case it would be origin, content-type, and accept
Now to the second part
I modified my local aerogear-controller to add these other headers in by default, and then ran the above request again.
This time i get the same OPTIONS request but then i get a cross domain error with the follow up GET that the browser makes
Request URL:http://localhost:8080/aerogear-controller-demo/login/
Request Headersview source
Accept:application/json, text/javascript, */*; q=0.01
Cache-Control:no-cache
Content-Type:application/json
Origin:http://localhost:8000
Pragma:no-cache
Referer:http://localhost:8000/app/cors.html
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_2) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.95 Safari/537.11
And i don't get any errors on the server log, so not really sure whats going on here
This is the repo i was using to play around with https://github.com/lholmquist/WoWAerogear checkout the cors.html and cors.js page