Thank you for the feedback! I think there's an issue (don't remember the number) to be able to specify a TikaConfig file for tika-server. So, I think that would be the ideal place to put more complex CORS configuration.
Tyler On Wed, Apr 1, 2015 at 6:02 AM, Sergey Beryozkin <[email protected]> wrote: > Hi Tyler > > Sorry for a delay, I was off for the last few days, > The change you did looks fine, the filter can check the annotations or can > be configured directly (which is what you did). > It might make sense to consider checking a (Java) properties resource as a > possible future enhancement, as a CORS filter may have many properties, > May be if a '-cors' is provided then check a well-known class resource > where all of the cors properties are set, if it is absent - default to '*' > otherwise work with Properties... > The current approach works too, might be tricky to extend it to support > more properties but great for a start > > Thanks, Sergey > > > > > > On 27/03/15 18:56, Tyler Palsulich wrote: > >> Thank you, Sergey! I didn't know about that feature. I am going to try to >> work up a patch this weekend which enables CORS. I'll let you know if I >> run >> into any issues. >> >> Thanks again, >> Tyler >> >> On Thu, Mar 26, 2015 at 2:39 AM, Mattmann, Chris A (3980) < >> [email protected]> wrote: >> >> >>> >>> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ >>> Chris Mattmann, Ph.D. >>> Chief Architect >>> Instrument Software and Science Data Systems Section (398) >>> NASA Jet Propulsion Laboratory Pasadena, CA 91109 USA >>> Office: 168-519, Mailstop: 168-527 >>> Email: [email protected] >>> WWW: http://sunset.usc.edu/~mattmann/ >>> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ >>> Adjunct Associate Professor, Computer Science Department >>> University of Southern California, Los Angeles, CA 90089 USA >>> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ >>> >>> >>> >>> >>> >>> >>> -----Original Message----- >>> From: Tyler Palsulich <[email protected]> >>> Reply-To: "[email protected]" <[email protected]> >>> Date: Tuesday, March 24, 2015 at 3:41 PM >>> To: "[email protected]" <[email protected]> >>> Subject: Access Control Allow Origin >>> >>> Hi Folks, >>>> >>>> I took a stab at creating an example website to submit a file to the >>>> form >>>> resource of our VM. See http://tpalsulich.github.io/TikaExamples/. >>>> >>>> If I try to use AJAX to submit the request to make the page prettier >>>> (see >>>> the script in the head of the page (with ev.preventDefault() commented >>>> out), I get the following error: >>>> >>>> XMLHttpRequest cannot load http://162.242.228.174:9998/tika/form. No >>>> 'Access-Control-Allow-Origin' header is present on the requested >>>> resource. >>>> Origin 'http://tpalsulich.github.io' is therefore not allowed access. >>>> The >>>> response had HTTP status code 400. >>>> >>>> We can't allow the tika-server response header to accept "*" in general, >>>> since that isn't secure. So, would there be interest in including this >>>> sort >>>> of site on the VM? Then, the AJAX request won't be external and we won't >>>> have this error. >>>> >>>> The version button just takes you to the version resource on the VM >>>> (doesn't do anything with the file). >>>> >>>> Tyler >>>> >>> >>> >>> >> >
