cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sergey Beryozkin (JIRA)" <j...@apache.org>
Subject [jira] [Created] (CXF-5901) Investigate how WebSocket Transport can support CORS
Date Thu, 24 Jul 2014 08:56:43 GMT
Sergey Beryozkin created CXF-5901:
-------------------------------------

             Summary: Investigate how WebSocket Transport can support CORS 
                 Key: CXF-5901
                 URL: https://issues.apache.org/jira/browse/CXF-5901
             Project: CXF
          Issue Type: Task
          Components: JAX-RS, Transports
            Reporter: Sergey Beryozkin


AFAIK CORS requirements can be enforces by compliant WebSocket implementations such as Atmosphere
and that any secure WebSocket server should be capable of implementing CORS filters.

The question is: can we reuse CXF JAX-RS CORS filters when working with web sockets and when
we need to worry about it. I guess it is only an upgrade request issue, once the upgrade is
done using a wss protocol we have a secure channel in place. 

If so then CXF filters will likely do as they will reject the initial upgraded request, but
the transport may need to discard the upgraded connection in such cases.     



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message