Skip to content

Proposal for Support CORS (Cross-Origin Resource Sharing) #216#961

Merged
thboileau merged 12 commits intorestlet:masterfrom
boillodmanuel:issue216
Oct 31, 2014
Merged

Proposal for Support CORS (Cross-Origin Resource Sharing) #216#961
thboileau merged 12 commits intorestlet:masterfrom
boillodmanuel:issue216

Conversation

@boillodmanuel
Copy link
Copy Markdown
Contributor

@boillodmanuel boillodmanuel commented Oct 9, 2014

Add a Filter to handle multiple resources and a Helper to add CORS headers manually.

@jlouvel
Copy link
Copy Markdown
Collaborator

jlouvel commented Oct 18, 2014

Thanks Manuel. To move forward with this contribution, we need to take into account those aspects:

  • proper mapping of the CORS headers to Java class(es) attached to the Request/Response objects (see http://restlet.com/learn/guide/2.2/core/http-headers-mapping for existing mapping)
  • processing of the HTTP headers in the Restlet Engine during the overall headers parsing/formatting logic (reusing existing parsing utilities)
  • for some reasons the Travis build fails with this contribution

@boillodmanuel
Copy link
Copy Markdown
Contributor Author

boillodmanuel commented Oct 22, 2014

I'v added headers mapping and fix GWT edition. You can review the PR.

@jlouvel
Copy link
Copy Markdown
Collaborator

jlouvel commented Oct 29, 2014

Manuel, it looks pretty good! Just one last change before pulling this: could you replace HeaderName by a simple String for simplification purpose?

@jlouvel jlouvel modified the milestone: 2.3 M4 Oct 29, 2014
adennie
adennie reviewed Oct 29, 2014
View reviewed changes
modules/org.restlet/src/org/restlet/data/HeaderName.java Outdated
Copy link
Copy Markdown

@adennie adennie Oct 29, 2014

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

typo: "nae" -> "name"

Copy link
Copy Markdown
Contributor Author

@boillodmanuel boillodmanuel Oct 30, 2014

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

file removed (use simple String)

adennie
adennie reviewed Oct 30, 2014
View reviewed changes
modules/org.restlet/src/org/restlet/engine/cors/CorsFilter.java Outdated
Copy link
Copy Markdown

@adennie adennie Oct 30, 2014

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Typically, different resources are going to support different methods (e.g. resource A might support GET/PUT, while resource B might support GET/POST). Therefore, configuring the filter with a single standard set of allowed methods doesn't seem useful to me. Instead, I suggest that you have a default behavior of allowing all methods implemented on a given resource (those annotated with @get, @put, etc), as well as a way for developers to override that on a per-request, per-resource basis. Therefore I suggest you use response.getAllowedMethods(). By default, this will be populated to reflect the annotated methods on the ServerResource, when ServerResource.options() calls updateAllowedMethods(), but a given ServerResource can modifiy that set of methods if desired in its @Options-annotated method.

Manuel Boillod added 2 commits October 31, 2014 12:31
issue restlet#216 - Support for CORS.
e8a0947 
Comments from @adennie taken into account - get allowed methods from the server resource.
Add CorsService.
exclude CorsService from GWT Edition
1fe273b
@boillodmanuel
Copy link
Copy Markdown
Contributor Author

boillodmanuel commented Oct 31, 2014

All comments taken in account.
I add also the CorsService.
Can be merged in Milestone 4.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@boillodmanuel boillodmanuel

Labels

None yet

Projects

None yet

Milestone

2.3 M4

Development

Successfully merging this pull request may close these issues.

4 participants

@boillodmanuel @jlouvel @adennie @thboileau