Can't we use the _cors_request_handler_ sequence to set this value? Users don't have access to the synapse api xml file. And even if they change it, it'll be overriden when you save again unless its set in the velocity template as well. So if we can maintain it at the sequence these shouldn't be a problem.
On Fri, Nov 18, 2016 at 5:28 PM, Abimaran Kugathasan <[email protected]> wrote: > Hi Jo/Nuwan, > > We have to set the property like below. Shall we have 15 mins as the > default value in code level and let API Developer to override it through > api synapse xml file like below? > > <handler > class="org.wso2.carbon.apimgt.gateway.handlers.security.CORSRequestHandler"> > <property name="apiImplementationType" value="ENDPOINT"/> > <property name="accessControlMaxAge" value="3600"/> > </handler> > > > On Thu, Nov 3, 2016 at 11:57 AM, Joseph Fonseka <[email protected]> wrote: > >> +1 to merge the fix to carry this forward better if we can add this to >> the publisher UI as well. >> >> Thanks >> Jo >> >> On Thu, Nov 3, 2016 at 11:28 AM, Abimaran Kugathasan <[email protected]> >> wrote: >> >>> Hi Dev, >>> >>> CORS specification allows caching the preflight response for a certain >>> number of seconds through Access-Control-Max-Age header [1] . >>> >>> Some browsers have this feature by default which overrides this header >>> if the value specified is greater than their value[2] >>> >>> Firefox - 24 hours >>> Chrome - 10 minutes >>> Chromium - 5 seconds >>> >>> Mathieu(https://github.com/mathieu-pousse) has sent a PR though [3]. >>> Please review and provide feedback. >>> >>> >>> [1] : https://www.w3.org/TR/cors/#access-control-max-age-response-header >>> [2] : https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/ >>> Access-Control-Max-Age >>> [3] : https://github.com/wso2/carbon-apimgt/pull/3114 >>> >>> >>> -- >>> Thanks >>> Abimaran Kugathasan >>> Senior Software Engineer - API Technologies >>> >>> Email : [email protected] >>> Mobile : +94 773922820 >>> >>> <http://stackoverflow.com/users/515034> >>> <http://lk.linkedin.com/in/abimaran> >>> <http://www.lkabimaran.blogspot.com/> <https://github.com/abimarank> >>> <https://twitter.com/abimaran> >>> >>> >> >> >> -- >> >> -- >> *Joseph Fonseka* >> WSO2 Inc.; http://wso2.com >> lean.enterprise.middleware >> >> mobile: +94 772 512 430 >> skype: jpfonseka >> >> * <http://lk.linkedin.com/in/rumeshbandara>* >> >> > > > -- > Thanks > Abimaran Kugathasan > Senior Software Engineer - API Technologies > > Email : [email protected] > Mobile : +94 773922820 > > <http://stackoverflow.com/users/515034> > <http://lk.linkedin.com/in/abimaran> > <http://www.lkabimaran.blogspot.com/> <https://github.com/abimarank> > <https://twitter.com/abimaran> > > -- Nuwan Dias Software Architect - WSO2, Inc. http://wso2.com email : [email protected] Phone : +94 777 775 729
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
