Re: [Broker-J] Http management interface should ignore OPTIONS method

2021-07-19 Thread Tom Jordahl
nday, July 19, 2021 at 4:24 AM To: "users@qpid.apache.org" Subject: Re: [Broker-J] Http management interface should ignore OPTIONS method Hi Tom, The Qpid Broker-J supports configuring CORS settings to allow access to REST API from different origins. This can be done via HTT

Re: [Broker-J] Http management interface should ignore OPTIONS method

2021-07-19 Thread Oleksandr Rudyy
Hi Tom, The Qpid Broker-J supports configuring CORS settings to allow access to REST API from different origins. This can be done via HTTP management attributes (corsAllowOrigins,corsAllowMethods,corsAllowHeaders,corsAllowCredentials). Though, by default, the origin(s), allowed headers and methods

Re: [Broker-J] Http management interface should ignore OPTIONS method

2021-07-15 Thread Mantas Gridinas
gt; Reply-To: "users@qpid.apache.org" > Date: Thursday, July 15, 2021 at 10:50 AM > To: "users@qpid.apache.org" > Subject: Re: [Broker-J] Http management interface should ignore OPTIONS > method > > Sadly options request is necessary for browsers to

Re: [Broker-J] Http management interface should ignore OPTIONS method

2021-07-15 Thread Tom Jordahl
/Preflight_request)? I didn’t think it did, but I certainly could be wrong. -- Tom From: Mantas Gridinas Reply-To: "users@qpid.apache.org" Date: Thursday, July 15, 2021 at 10:50 AM To: "users@qpid.apache.org" Subject: Re: [Broker-J] Http management interface should ignore O

Re: [Broker-J] Http management interface should ignore OPTIONS method

2021-07-15 Thread Mantas Gridinas
Sadly options request is necessary for browsers to assert whether or not the result of a request should be exposed to caller, isn't it? On Thu, Jul 15, 2021, 17:47 Tom Jordahl wrote: > Hello Devs, > > In our environment we run security scanning tools. They flag any HTTP > port that supports

[Broker-J] Http management interface should ignore OPTIONS method

2021-07-15 Thread Tom Jordahl
Hello Devs, In our environment we run security scanning tools. They flag any HTTP port that supports the OPTIONS method as a problem: “Web servers that respond to the OPTIONS HTTP method expose what other methods are supported by the web server, allowing attackers to narrow and intensify

Re: [Broker-J] HTTP management

2018-08-30 Thread Oleksandr Rudyy
e time. > > Thanks, > Olivier > > -Original Message- > From: Rob Godfrey > Sent: mercredi 29 août 2018 17:58 > To: users@qpid.apache.org > Subject: Re: [Broker-J] HTTP management > > On Wed, 29 Aug 2018 at 17:21, VERMEULEN Olivier > wrote: > > > Hello,

RE: [Broker-J] HTTP management

2018-08-30 Thread VERMEULEN Olivier
2018 17:58 To: users@qpid.apache.org Subject: Re: [Broker-J] HTTP management On Wed, 29 Aug 2018 at 17:21, VERMEULEN Olivier wrote: > Hello, > > While working with the Broker-J HTTP management I found some strange > behaviors, especially while binding a queue to

Re: [Broker-J] HTTP management

2018-08-29 Thread Rob Godfrey
On Wed, 29 Aug 2018 at 17:21, VERMEULEN Olivier wrote: > Hello, > > While working with the Broker-J HTTP management I found some strange > behaviors, especially while binding a queue to an exchange. > > * If the exchange does not exist the creation of the binding returns &

[Broker-J] HTTP management

2018-08-29 Thread VERMEULEN Olivier
Hello, While working with the Broker-J HTTP management I found some strange behaviors, especially while binding a queue to an exchange. * If the exchange does not exist the creation of the binding returns 404 where I would expect a 5XX * If the queue does not exist the creation