You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@camel.apache.org by Ron Cecchini <ro...@comcast.net> on 2020/08/07 05:57:12 UTC

Enabling global CORS support

Hi, guys.

I have a Camel (3.4.2) + Spring Boot (2.3.1.RELEASE) web service using Undertow.

I ran into my first CORS (cross-origin resource sharing) issue, googled around, and solved it with @CrossOrigin.

My question has to do with why I could *not* solve it with restConfiguration().enableCORS(true) ?

With or without enableCORS(true), my headers were coming back:

    Connection         keep-alive
    Content-Type       application/json
    Date               Thu, 06 Aug 2020 22:47:53 GMT
    Transfer-Encoding  chunked

Only when I started using @CrossOrigin with all of my @RestController classes did I start getting:

    Connection         keep-alive
    Content-Type       application/json
    Date               Thu, 06 Aug 2020 22:54:47 GMT
    Transfer-Encoding  chunked
    Vary               Origin, Access-Control-Request-Method, Access-Control-Request-Headers

And all of my CORS problems went away.

But I imagine it *must* be possible to do the @CrossOrigin in a global way via the restConfiguration().

So what's the magic sauce I'm missing?

Is there something I should be doing with setCorsHeaders() and/or corsHeaderProperty()?
I would think not given the defaults listed at:
https://camel.apache.org/manual/latest/rest-dsl.html#_default_cors_headers

I'm suspecting some Annotation Sorcery I'm not aware of...

Thanks.

Re: Enabling global CORS support

Posted by Mark Nuttall <mk...@gmail.com>.

I am pretty sure it is because the annotation is Spring and the other is
Camel and Spring is in control, not Camel. For a global way with spring,
see this -
https://spring.io/guides/gs/rest-service-cors/

On Fri, Aug 7, 2020 at 1:57 AM Ron Cecchini <ro...@comcast.net> wrote:

>
> Hi, guys.
>
> I have a Camel (3.4.2) + Spring Boot (2.3.1.RELEASE) web service using
> Undertow.
>
> I ran into my first CORS (cross-origin resource sharing) issue, googled
> around, and solved it with @CrossOrigin.
>
> My question has to do with why I could *not* solve it with
> restConfiguration().enableCORS(true) ?
>
> With or without enableCORS(true), my headers were coming back:
>
>     Connection         keep-alive
>     Content-Type       application/json
>     Date               Thu, 06 Aug 2020 22:47:53 GMT
>     Transfer-Encoding  chunked
>
> Only when I started using @CrossOrigin with all of my @RestController
> classes did I start getting:
>
>     Connection         keep-alive
>     Content-Type       application/json
>     Date               Thu, 06 Aug 2020 22:54:47 GMT
>     Transfer-Encoding  chunked
>     Vary               Origin, Access-Control-Request-Method,
> Access-Control-Request-Headers
>
> And all of my CORS problems went away.
>
> But I imagine it *must* be possible to do the @CrossOrigin in a global way
> via the restConfiguration().
>
> So what's the magic sauce I'm missing?
>
> Is there something I should be doing with setCorsHeaders() and/or
> corsHeaderProperty()?
> I would think not given the defaults listed at:
> https://camel.apache.org/manual/latest/rest-dsl.html#_default_cors_headers
>
> I'm suspecting some Annotation Sorcery I'm not aware of...
>
> Thanks.
>