camel-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Florian Andreae (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (CAMEL-8373) rest-dsl - CORS may have issue with non simple requests
Date Mon, 23 Feb 2015 16:35:12 GMT

    [ https://issues.apache.org/jira/browse/CAMEL-8373?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14333449#comment-14333449
] 

Florian Andreae edited comment on CAMEL-8373 at 2/23/15 4:34 PM:
-----------------------------------------------------------------

I was able to work around this issue by setting the CORS Headers manually.

<route>
            <from uri="jetty://http://127.0.0.1:8082/uri?matchOnUriPrefix=true&amp;httpMethodRestrict=OPTIONS"
/>
            <to uri="direct:setcors"/>
        </route>
        
        <route>
            <from uri="jetty://http://127.0.0.1:8082/transfer?matchOnUriPrefix=true&amp;httpMethodRestrict=OPTIONS"
/>
            <to uri="direct:setcors"/>
        </route>
        
        <route>
            <from uri="jetty://http://127.0.0.1:8082/resource?matchOnUriPrefix=true&amp;httpMethodRestrict=OPTIONS"
/>
            <to uri="direct:setcors"/>
        </route>
        
        <route>
            <from uri="direct:setcors"/>
            <log message="Setting CORS Header"/>
            <setHeader headerName="Access-Control-Allow-Origin">
                <constant>*</constant>
            </setHeader>
            <setHeader headerName="Access-Control-Allow-Methods">
                <constant>GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, CONNECT, PATCH</constant>
            </setHeader>
            <setHeader headerName="Access-Control-Allow-Headers">
                <constant>Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method,
Access-Control-Request-Headers</constant>
            </setHeader>
        </route>

It was not possible to just set <from uri="jetty://http://127.0.0.1:8082?matchOnUriPrefix=true&amp;httpMethodRestrict=OPTIONS"
/>. 

Another very interesting issue is that this works now for the uri and the resource endpoint
defined above. The transfer endpoint is not working when I call http://127.0.0.1/transfer.
I get a 405 - Methode not allowed error. It only works when I call it with some suffix like
this http://127.0.0.1/transfer/1.  

The OPTIONS request header looks like:

Host: 127.0.0.1:8082
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:35.0) Gecko/20100101 Firefox/35.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: de,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate
Origin: http://localhost:8083
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache


was (Author: senexi):
I was able to work around this issue by setting the CORS Headers manually.

<route>
            <from uri="jetty://http://127.0.0.1:8082/uri?matchOnUriPrefix=true&amp;httpMethodRestrict=OPTIONS"
/>
            <to uri="direct:setcors"/>
        </route>
        
        <route>
            <from uri="jetty://http://127.0.0.1:8082/transfer?matchOnUriPrefix=true&amp;httpMethodRestrict=OPTIONS"
/>
            <to uri="direct:setcors"/>
        </route>
        
        <route>
            <from uri="jetty://http://127.0.0.1:8082/resource?matchOnUriPrefix=true&amp;httpMethodRestrict=OPTIONS"
/>
            <to uri="direct:setcors"/>
        </route>
        
        <route>
            <from uri="direct:setcors"/>
            <log message="Setting CORS Header"/>
            <setHeader headerName="Access-Control-Allow-Origin">
                <constant>*</constant>
            </setHeader>
            <setHeader headerName="Access-Control-Allow-Methods">
                <constant>GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, CONNECT, PATCH</constant>
            </setHeader>
            <setHeader headerName="Access-Control-Allow-Headers">
                <constant>Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method,
Access-Control-Request-Headers</constant>
            </setHeader>
        </route>

It was not possible to just set <from uri="jetty://http://127.0.0.1:8082?matchOnUriPrefix=true&amp;httpMethodRestrict=OPTIONS"
/>. 

Another very interesting issue is that this works now for the uri and the resource endpoint.
The transfer endpoint is not working at all and I get a 405 - Methode not allowed error. 

The OPTIONS request header looks like:

Host: 127.0.0.1:8082
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:35.0) Gecko/20100101 Firefox/35.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: de,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate
Origin: http://localhost:8083
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

> rest-dsl - CORS may have issue with non simple requests
> -------------------------------------------------------
>
>                 Key: CAMEL-8373
>                 URL: https://issues.apache.org/jira/browse/CAMEL-8373
>             Project: Camel
>          Issue Type: Task
>          Components: camel-core
>    Affects Versions: 2.14.1
>            Reporter: Claus Ibsen
>             Fix For: 2.14.2, 2.15.0
>
>
> Look into reported on SO
> http://stackoverflow.com/questions/28562817/camel-rest-dsl-enablecors-only-working-for-get
> For non simple requests, such as PUT see
> http://www.w3.org/TR/cors/



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message