You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@activemq.apache.org by ch...@apache.org on 2012/04/23 17:09:22 UTC

svn commit: r1329275 - /activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/web/AllowAnyOriginFilter.scala

Author: chirino
Date: Mon Apr 23 15:09:22 2012
New Revision: 1329275

URL: http://svn.apache.org/viewvc?rev=1329275&view=rev
Log:
More fine Tunning for APLO-188 : we now set Access-Control-Allow-Header to match Access-Control-Request-Headers

Modified:
    activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/web/AllowAnyOriginFilter.scala

Modified: activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/web/AllowAnyOriginFilter.scala
URL: http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/web/AllowAnyOriginFilter.scala?rev=1329275&r1=1329274&r2=1329275&view=diff
==============================================================================
--- activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/web/AllowAnyOriginFilter.scala (original)
+++ activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/web/AllowAnyOriginFilter.scala Mon Apr 23 15:09:22 2012
@@ -38,7 +38,10 @@ class AllowAnyOriginFilter(val allowed:S
         if( allow_any ) {
           if ( req.getMethod == "OPTIONS" ) {
             response.addHeader("Access-Control-Request-Method", "GET, POST, PUT, DELETE");
-            response.addHeader("Access-Control-Request-Headers", "");
+            req.getHeader("Access-Control-Request-Headers") match {
+              case headers:String=> response.addHeader("Access-Control-Allow-Header", headers);
+              case _ =>
+            }
             response.addHeader("Access-Control-Max-Age", ""+DAYS.toSeconds(1));
           }
           response.addHeader("Access-Control-Allow-Origin", "*");
@@ -47,7 +50,10 @@ class AllowAnyOriginFilter(val allowed:S
             if ( allowed.contains(origin) ) {
               if ( req.getMethod == "OPTIONS" ) {
                 response.addHeader("Access-Control-Request-Method", "GET, POST, PUT, DELETE");
-                response.addHeader("Access-Control-Request-Headers", "");
+                req.getHeader("Access-Control-Request-Headers") match {
+                  case headers:String=> response.addHeader("Access-Control-Allow-Header", headers);
+                  case _ =>
+                }
                 response.addHeader("Access-Control-Max-Age", ""+DAYS.toSeconds(1));
               }
               response.addHeader("Access-Control-Allow-Origin", origin);