details: https://code.openbravo.com/erp/devel/pi/rev/e2e7fb70d085
changeset: 30510:e2e7fb70d085
user: Martin Taal <martin.taal <at> openbravo.com>
date: Sun Oct 23 16:10:33 2016 +0200
summary: Fixes issue 34267: Let the basekernelservlet handle cors requests
Set cors headers in the basekernelservlet
diffstat:
modules/org.openbravo.client.kernel/src/org/openbravo/client/kernel/BaseKernelServlet.java
| 6 ++-
modules/org.openbravo.client.kernel/src/org/openbravo/client/kernel/KernelUtils.java
| 24 +++++++++-
2 files changed, 28 insertions(+), 2 deletions(-)
diffs (75 lines):
diff -r b61ce156e6a0 -r e2e7fb70d085
modules/org.openbravo.client.kernel/src/org/openbravo/client/kernel/BaseKernelServlet.java
---
a/modules/org.openbravo.client.kernel/src/org/openbravo/client/kernel/BaseKernelServlet.java
Sun Oct 23 11:00:57 2016 +0200
+++
b/modules/org.openbravo.client.kernel/src/org/openbravo/client/kernel/BaseKernelServlet.java
Sun Oct 23 16:10:33 2016 +0200
@@ -11,7 +11,7 @@
* under the License.
* The Original Code is Openbravo ERP.
* The Initial Developer of the Original Code is Openbravo SLU
- * All portions are Copyright (C) 2009-2014 Openbravo SLU
+ * All portions are Copyright (C) 2009-2016 Openbravo SLU
* All Rights Reserved.
* Contributor(s): ______________________________________.
************************************************************************
@@ -50,6 +50,10 @@
public void service(final HttpServletRequest request, HttpServletResponse
response)
throws ServletException, IOException {
+
+ // always set the cors headers
+ KernelUtils.getInstance().setCORSHeaders(request, response);
+
// encapsulate the response to catch any redirects
// redirects are done by the authentication manager
final KernelHttpServletResponse localResponse = new
KernelHttpServletResponse(response);
diff -r b61ce156e6a0 -r e2e7fb70d085
modules/org.openbravo.client.kernel/src/org/openbravo/client/kernel/KernelUtils.java
---
a/modules/org.openbravo.client.kernel/src/org/openbravo/client/kernel/KernelUtils.java
Sun Oct 23 11:00:57 2016 +0200
+++
b/modules/org.openbravo.client.kernel/src/org/openbravo/client/kernel/KernelUtils.java
Sun Oct 23 16:10:33 2016 +0200
@@ -11,18 +11,21 @@
* under the License.
* The Original Code is Openbravo ERP.
* The Initial Developer of the Original Code is Openbravo SLU
- * All portions are Copyright (C) 2010-2015 Openbravo SLU
+ * All portions are Copyright (C) 2010-2016 Openbravo SLU
* All Rights Reserved.
* Contributor(s): ______________________________________.
************************************************************************
*/
package org.openbravo.client.kernel;
+import java.io.IOException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringEscapeUtils;
import org.apache.log4j.Logger;
@@ -509,6 +512,25 @@
}
/**
+ * See https://en.wikipedia.org/wiki/Cross-origin_resource_sharing
+ */
+ public void setCORSHeaders(HttpServletRequest request, HttpServletResponse
response)
+ throws ServletException, IOException {
+
+ String origin = request.getHeader("Origin");
+
+ if (origin != null && !origin.equals("")) {
+ response.setHeader("Access-Control-Allow-Origin", origin);
+ response.setHeader("Access-Control-Allow-Credentials", "true");
+ response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS");
+ response.setHeader("Access-Control-Allow-Headers",
+ "Content-Type, Origin, Accept, X-Requested-With,
Access-Control-Allow-Credentials");
+
+ response.setHeader("Access-Control-Max-Age", "10000");
+ }
+ }
+
+ /**
* Returns true if any of the identifier properties of the provided entity
is nullable
*
* @param entity
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Openbravo-commits mailing list
Openbravo-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openbravo-commits
