wink-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Lars-Fredrik Smedberg <itsme...@gmail.com>
Subject Re: CORs support in JEE6 JAX-RS
Date Mon, 07 Jul 2014 21:45:21 GMT
Hi!

For a more in-depth explanation of CORS see http://www.w3.org/TR/cors/

For the simple scenario described in 6.1 of the w3c document you could
either implement it as a Wink or as a Servlet Filter, I would guess a
Servlet filter would be easier.

The simplest case implemented as a Servlet filter could look like:

1. In the doFilter check if the request contains the "Origin" header, if
not => send e.g. http status 403
2. Then check if the value of the "Origin" header corresponds to a value in
a whitelist, if not => send e.g. http status 403
3. Add a response header called "Access-Control-Allow-Origin" bouncing the
value found in the "Origin" header
4. Process the next filter/servlet in the filter chain

Regards
Lars-Fredrik Smedberg



On Sat, Jul 5, 2014 at 8:42 PM, DK <desmond.kirrane@gmail.com> wrote:

> I need to enable CORS support for my REST API?
>
> I assume I need to use Apache Wink HandlersFactory and ResponseHandler? Any
> examples?
>
>
>
> --
> View this message in context:
> http://apache-wink-users.3471013.n2.nabble.com/CORs-support-in-JEE6-JAX-RS-tp7572806.html
> Sent from the Apache Wink Users mailing list archive at Nabble.com.
>



-- 
Med vänlig hälsning / Best regards

Lars-Fredrik Smedberg

STATEMENT OF CONFIDENTIALITY:
The information contained in this electronic message and any
attachments to this message are intended for the exclusive use of the
address(es) and may contain confidential or privileged information. If
you are not the intended recipient, please notify Lars-Fredrik Smedberg
immediately at itsmeden@gmail.com, and destroy all copies of this
message and any attachments.

Mime
View raw message