Hi Luke, CORS was recently added on aerogear controller. Could we put pipeline and controller together? - Bruno On Dec 6, 2012, at 6:31 PM, Lucas Holmquist <lholmqui(a)redhat.com&gt; wrote: > can also be seen here https://gist.github.com/4227377 > > > > This gist relates to AEROGEAR-534, https://issues.jboss.org/browse/AEROGEAR-534 > > I created a node.js server that handles CORS and jsonp for my testing > > Cross Domain Support > > To do cross domain request, i've modified aerogear.js a bit. > > I've added a new settings variable, settings.crossdomain, that can be mixed. If set to true, it will default to CORS, to override to jsonp set settings.crossdomain.type = "jsonp" > > var pipeline = AeroGear.Pipeline(); > > jsonp = pipeline.add( { > name: "jsonp", > settings: { > baseURL: "http://localhost:8080", > endpoint: "/", > crossdomain: { > type: "jsonp", > jsonp: "jsonp" //this is optional and will default to callback, jquery default > } > } > }); > > cors = pipeline.add( { > name: "cors", > settings: { > baseURL: "http://localhost:8080", > endpoint: "/", > crossdomain: true > } > }); > If the user wants to use CORS, settings.crossdomain = true, but there browser doesn't support CORS, then AeroGear.Ajax will fallback to jsonp > > CORS > > since IE9 doesn't use the same thing as the rest of the browser world, i add in a small lib,https://github.com/jaubourg/ajaxHooks, in the external/ actually just the xdr.js file > > Although i haven't actually tested that it works > > AeroGear.Ajax > > The majority of the changes happen in the AeroGear.Ajax function > > Here is the commit for this > > https://github.com/lholmquist/aerogear-js/commit/d3d3ecaac1d2648f37d66b46... > > At the moment the only overridable options in the crossdomain object are jsonp related. I guess this would be the place to add CORS options, if we wanted to > > Interestingly enough, if you don't specify any of the new settings, CORS will work, if the server supports it, out of the box. > > This is my simple node.js server > > var express = require( "express" ); > var app = express(); > > app.all( "/", function(request,response) { > > // When dealing with CORS (Cross-Origin Resource Sharing) > // requests, the client should pass-through its origin (the > // requesting domain). We should either echo that or use * > // if the origin was not passed. > var origin = (request.headers.origin || "*"); > > // Check to see if this is a security check by the browser to > // test the availability of the API for the client. If the > // method is OPTIONS, the browser is check to see to see what > // HTTP methods (and properties) have been granted to the > // client. > if (request.method.toUpperCase() === "OPTIONS"){ > > > // Echo back the Origin (calling domain) so that the > // client is granted access to make subsequent requests > // to the API. > response.status( 204 ); > response.header( > { > "access-control-allow-origin": origin, > "access-control-allow-methods": "GET, PUT, DELETE, OPTIONS", > "access-control-allow-headers": "content-type, accept", > "access-control-max-age": 10, // Seconds. > "content-length": 0 > } > ); > } > // End the response - we're not sending back any content. > response.status( 200 ); > response.header( > { > "access-control-allow-origin": origin, > "content-type": "application/json" > } > ); > var callback = request.query.callback || request.query.jsonp; > if( callback ) { > response.send( callback + "({response:'stuff'})"); > } else { > response.send( {response:'stuff'}); > } > > > }); > > app.listen( 8080 ); > > // Debugging: > console.log( "Node.js listening on port 8080" ); > > _______________________________________________ > aerogear-dev mailing list > aerogear-dev(a)lists.jboss.org > https://lists.jboss.org/mailman/listinfo/aerogear-dev _______________________________________________ aerogear-dev mailing list aerogear-dev(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/aerogear-dev