Author: olli
Date: Sat Feb 14 16:52:22 2015
New Revision: 1659812
URL: http://svn.apache.org/r1659812
Log:
SLING-3518 add a multipurpose filter based on Tuckey's UrlRewriteFilter
* add example for setting CORS headers
Modified:
sling/trunk/contrib/extensions/urlrewriter/README.md
Modified: sling/trunk/contrib/extensions/urlrewriter/README.md
URL:
http://svn.apache.org/viewvc/sling/trunk/contrib/extensions/urlrewriter/README.md?rev=1659812&r1=1659811&r2=1659812&view=diff
==============================================================================
--- sling/trunk/contrib/extensions/urlrewriter/README.md (original)
+++ sling/trunk/contrib/extensions/urlrewriter/README.md Sat Feb 14 16:52:22
2015
@@ -17,3 +17,25 @@ example for setting a Cache-Control head
</rule>
</urlrewrite>
+example for setting CORS headers:
+
+ <?xml version="1.0" encoding="UTF-8"?>
+ <!DOCTYPE urlrewrite PUBLIC "-//tuckey.org//DTD UrlRewrite 4.0//EN"
"http://www.tuckey.org/res/dtds/urlrewrite4.0.dtd">
+ <urlrewrite>
+ <rule>
+ <note>
+ http://www.w3.org/TR/cors/
+ https://developer.mozilla.org/en-US/docs/HTTP/Access_control_CORS
+ http://fetch.spec.whatwg.org
+ http://enable-cors.org
+ http://www.html5rocks.com/en/tutorials/cors/
+ </note>
+ <condition type="header" name="Origin">.*</condition>
+ <condition type="header"
name="Access-Control-Request-Method">.*</condition>
+ <condition type="header"
name="Access-Control-Request-Headers">.*</condition>
+ <set type="response-header"
name="Access-Control-Allow-Origin">%{header:Origin}</set>
+ <set type="response-header"
name="Access-Control-Allow-Methods">%{header:Access-Control-Request-Method}</set>
+ <set type="response-header"
name="Access-Control-Allow-Headers">%{header:Access-Control-Request-Headers}</set>
+ <set type="response-header"
name="Access-Control-Allow-Credentials">true</set>
+ </rule>
+ </urlrewrite>