You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@activemq.apache.org by ch...@apache.org on 2012/04/18 14:33:36 UTC
svn commit: r1327478 -
/activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/web/AllowAnyOriginFilter.scala
Author: chirino
Date: Wed Apr 18 12:33:36 2012
New Revision: 1327478
URL: http://svn.apache.org/viewvc?rev=1327478&view=rev
Log:
Fixes APLO-188: Add "Access-Control-Allow-Methods" and "Access-Control-Allow-Headers" to CORS requests
Modified:
activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/web/AllowAnyOriginFilter.scala
Modified: activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/web/AllowAnyOriginFilter.scala
URL: http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/web/AllowAnyOriginFilter.scala?rev=1327478&r1=1327477&r2=1327478&view=diff
==============================================================================
--- activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/web/AllowAnyOriginFilter.scala (original)
+++ activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/web/AllowAnyOriginFilter.scala Wed Apr 18 12:33:36 2012
@@ -18,6 +18,7 @@ package org.apache.activemq.apollo.broke
import javax.servlet._
import http.{HttpServletRequest, HttpServletResponse}
+import java.util.concurrent.TimeUnit._
/**
* Servlet filter which adds a 'Access-Control-Allow-Origin: *' HTTP header
@@ -33,11 +34,22 @@ class AllowAnyOriginFilter(val allowed:S
override def doFilter(request: ServletRequest, response: ServletResponse, chain: FilterChain) = {
response match {
case response: HttpServletResponse =>
+ val req = request.asInstanceOf[HttpServletRequest]
if( allow_any ) {
+ if ( req.getMethod == "OPTIONS" ) {
+ response.addHeader("Access-Control-Request-Method", "GET, POST, PUT, DELETE");
+ response.addHeader("Access-Control-Request-Headers", "");
+ response.addHeader("Access-Control-Max-Age", ""+DAYS.toSeconds(1));
+ }
response.addHeader("Access-Control-Allow-Origin", "*");
} else {
for( origin <- Option(request.asInstanceOf[HttpServletRequest].getHeader("Origin")) ) {
if ( allowed.contains(origin) ) {
+ if ( req.getMethod == "OPTIONS" ) {
+ response.addHeader("Access-Control-Request-Method", "GET, POST, PUT, DELETE");
+ response.addHeader("Access-Control-Request-Headers", "");
+ response.addHeader("Access-Control-Max-Age", ""+DAYS.toSeconds(1));
+ }
response.addHeader("Access-Control-Allow-Origin", origin);
}
}