Hi Chetan, The way I've imagined this working is via properties set on the resource type resource. I did something similar in a POC of rules for selector/extension/suffixes: http://svn.apache.org/repos/asf/sling/trunk/samples/urlfilter/src/main/java/org/apache/sling/samples/urlfilter/impl/UrlFilter.java
Justin On Wed, Oct 31, 2012 at 12:19 AM, Chetan Mehrotra <[email protected]> wrote: > For one of our web applications we require CORS [1] support in Sling. > Looking at the requirements for CORS I think it would be best > fulfilled by a simple servlet filter. Currently there is one > implementation for Java [2] which provides such a filter. > > Any suggestions on how it should be implemented keeping in mind the > Sling design? One possible way is to capture CORS related rules as > content data in repository like we do for mapping url. The rules can > be captured in same way as it is being done in AWS [4]. Also the code > can be part of Sling Security bundle (which has CSRF filter) or can be > part of new bundle > > Thoughts? > > Chetan Mehrotra > > [1] http://www.w3.org/TR/cors/ > [2] https://github.com/LuisSala/CORS-Java-Servlet-Filter > [3] https://github.com/apache/sling/tree/trunk/contrib/extensions/security > [4] http://docs.amazonwebservices.com/AmazonS3/latest/dev/cors.html
