Hi Tyler
Sorry for a delay, I was off for the last few days,
The change you did looks fine, the filter can check the annotations or
can be configured directly (which is what you did).
It might make sense to consider checking a (Java) properties resource as
a possible future enhancement, as a CORS filter may have many properties,
May be if a '-cors' is provided then check a well-known class resource
where all of the cors properties are set, if it is absent - default to
'*' otherwise work with Properties...
The current approach works too, might be tricky to extend it to support
more properties but great for a start
Thanks, Sergey
On 27/03/15 18:56, Tyler Palsulich wrote:
Thank you, Sergey! I didn't know about that feature. I am going to try to
work up a patch this weekend which enables CORS. I'll let you know if I run
into any issues.
Thanks again,
Tyler
On Thu, Mar 26, 2015 at 2:39 AM, Mattmann, Chris A (3980) <
[email protected]> wrote:
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Chris Mattmann, Ph.D.
Chief Architect
Instrument Software and Science Data Systems Section (398)
NASA Jet Propulsion Laboratory Pasadena, CA 91109 USA
Office: 168-519, Mailstop: 168-527
Email: [email protected]
WWW: http://sunset.usc.edu/~mattmann/
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Adjunct Associate Professor, Computer Science Department
University of Southern California, Los Angeles, CA 90089 USA
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-----Original Message-----
From: Tyler Palsulich <[email protected]>
Reply-To: "[email protected]" <[email protected]>
Date: Tuesday, March 24, 2015 at 3:41 PM
To: "[email protected]" <[email protected]>
Subject: Access Control Allow Origin
Hi Folks,
I took a stab at creating an example website to submit a file to the form
resource of our VM. See http://tpalsulich.github.io/TikaExamples/.
If I try to use AJAX to submit the request to make the page prettier (see
the script in the head of the page (with ev.preventDefault() commented
out), I get the following error:
XMLHttpRequest cannot load http://162.242.228.174:9998/tika/form. No
'Access-Control-Allow-Origin' header is present on the requested resource.
Origin 'http://tpalsulich.github.io' is therefore not allowed access. The
response had HTTP status code 400.
We can't allow the tika-server response header to accept "*" in general,
since that isn't secure. So, would there be interest in including this
sort
of site on the VM? Then, the AJAX request won't be external and we won't
have this error.
The version button just takes you to the version resource on the VM
(doesn't do anything with the file).
Tyler
