Sergey Beryozkin created CXF-5901:
-------------------------------------
Summary: Investigate how WebSocket Transport can support CORS
Key: CXF-5901
URL: https://issues.apache.org/jira/browse/CXF-5901
Project: CXF
Issue Type: Task
Components: JAX-RS, Transports
Reporter: Sergey Beryozkin
AFAIK CORS requirements can be enforces by compliant WebSocket implementations
such as Atmosphere and that any secure WebSocket server should be capable of
implementing CORS filters.
The question is: can we reuse CXF JAX-RS CORS filters when working with web
sockets and when we need to worry about it. I guess it is only an upgrade
request issue, once the upgrade is done using a wss protocol we have a secure
channel in place.
If so then CXF filters will likely do as they will reject the initial upgraded
request, but the transport may need to discard the upgraded connection in such
cases.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
