drill-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DRILL-4690) Header in RestApi CORS support
Date Tue, 07 Jun 2016 00:43:20 GMT

    [ https://issues.apache.org/jira/browse/DRILL-4690?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15317566#comment-15317566
] 

ASF GitHub Bot commented on DRILL-4690:
---------------------------------------

Github user parthchandra commented on a diff in the pull request:

    https://github.com/apache/drill/pull/507#discussion_r65994192
  
    --- Diff: exec/java-exec/src/main/resources/drill-module.conf ---
    @@ -111,7 +111,14 @@ drill.exec: {
         enabled: true,
         ssl_enabled: false,
         port: 8047
    -    session_max_idle_secs: 3600 # Default value 1hr
    +    session_max_idle_secs: 3600, # Default value 1hr
    +    cors: {
    +      enabled: true,
    --- End diff --
    
    I would default cors.enabled to false and/or set the access-cotrol-allow-origin to null.
Ideally, only the end user should be able to enable CORS for all sites. 
    Otherwise looks good to me.


> Header in RestApi CORS support 
> -------------------------------
>
>                 Key: DRILL-4690
>                 URL: https://issues.apache.org/jira/browse/DRILL-4690
>             Project: Apache Drill
>          Issue Type: Improvement
>            Reporter: Wojciech Nowak
>            Priority: Minor
>
> Damien Cantreras raised question on mailing list, related to Drill RestAPI support for
Header "Access-Control-Allow-Origin: *"
> to allow it being used from a HTML5 application.
> Place where Header should be added https://github.com/apache/drill/blob/master/exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/WebServer.java




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message