You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@couchdb.apache.org by Benoit Chesneau <bc...@gmail.com> on 2012/11/01 00:52:26 UTC
CORS support
Hello all,
So I finally committed my patch about CORS support following the current
W3C working draft [1]. This patch support simple and preflights requests
for a couchdb node. Configuration can also be done for a specific vhost.
To enable CORS you need to set the option `cors_enable = true` (by default
cors is disable). All origins are matched by default.
To configure defaults cors settings you need to create the [cors] section
in the ini file:
[cors]
allows_credentials = false
; List of origins separated by a comma
;origins =
; List of accepted headers separated by a comma
; headers =
; List of accepted methods
; methods =
allows credentials allows you to accept connections to protected dbs and
nodes.
To set the options for a vhosts you will need to create a section with the
vhost name prefixed by "cors:" . Ex for the vhost example.com:
; Configuration for a vhost
:[cors:example.com]
; allows_credentials = false
; List of origins separated by a comma
;origins =
; List of accepted headers separated by a comma
; headers =
; List of accepted methods
; methods =
Some tests have been added but we need to increase their number to be sure
to cover all the features presented here.
Anyway please tests, and let me know. This feature is available in the
branch COUCHDB-431_cors:
Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/0777262f
Please test and let me know.
- benoît
[1] http://www.w3.org/TR/cors/#preflight-request
Re: CORS support
Posted by Benoit Chesneau <bc...@gmail.com>.
and the branch is now named 431-feature_cors .
On Thu, Nov 1, 2012 at 12:52 AM, Benoit Chesneau <bc...@gmail.com>wrote:
> Hello all,
>
> So I finally committed my patch about CORS support following the current
> W3C working draft [1]. This patch support simple and preflights requests
> for a couchdb node. Configuration can also be done for a specific vhost.
>
> To enable CORS you need to set the option `cors_enable = true` (by
> default cors is disable). All origins are matched by default.
>
> To configure defaults cors settings you need to create the [cors] section
> in the ini file:
>
> [cors]
> allows_credentials = false
> ; List of origins separated by a comma
> ;origins =
> ; List of accepted headers separated by a comma
> ; headers =
> ; List of accepted methods
> ; methods =
>
> allows credentials allows you to accept connections to protected dbs and
> nodes.
>
>
> To set the options for a vhosts you will need to create a section with the
> vhost name prefixed by "cors:" . Ex for the vhost example.com:
>
> ; Configuration for a vhost
> :[cors:example.com]
> ; allows_credentials = false
> ; List of origins separated by a comma
> ;origins =
> ; List of accepted headers separated by a comma
> ; headers =
> ; List of accepted methods
> ; methods =
>
> Some tests have been added but we need to increase their number to be sure
> to cover all the features presented here.
>
> Anyway please tests, and let me know. This feature is available in the
> branch COUCHDB-431_cors:
>
> Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/0777262f
>
> Please test and let me know.
>
> - benoît
>
>
> [1] http://www.w3.org/TR/cors/#preflight-request
>
Re: CORS support
Posted by Benoit Chesneau <bc...@gmail.com>.
On Thu, Nov 1, 2012 at 2:00 AM, Dale Harvey <da...@arandomurl.com> wrote:
> This is awesome, thanks benoitc (and sorry for dropping the ball on this)
>
np. Was busy as well...
> Will test it out and get back to you
>
>
> Let me know if you find anything.
- benoît
Re: CORS support
Posted by Dale Harvey <da...@arandomurl.com>.
This is awesome, thanks benoitc (and sorry for dropping the ball on this)
Will test it out and get back to you
On 31 October 2012 23:52, Benoit Chesneau <bc...@gmail.com> wrote:
> Hello all,
>
> So I finally committed my patch about CORS support following the current
> W3C working draft [1]. This patch support simple and preflights requests
> for a couchdb node. Configuration can also be done for a specific vhost.
>
> To enable CORS you need to set the option `cors_enable = true` (by default
> cors is disable). All origins are matched by default.
>
> To configure defaults cors settings you need to create the [cors] section
> in the ini file:
>
> [cors]
> allows_credentials = false
> ; List of origins separated by a comma
> ;origins =
> ; List of accepted headers separated by a comma
> ; headers =
> ; List of accepted methods
> ; methods =
>
> allows credentials allows you to accept connections to protected dbs and
> nodes.
>
>
> To set the options for a vhosts you will need to create a section with the
> vhost name prefixed by "cors:" . Ex for the vhost example.com:
>
> ; Configuration for a vhost
> :[cors:example.com]
> ; allows_credentials = false
> ; List of origins separated by a comma
> ;origins =
> ; List of accepted headers separated by a comma
> ; headers =
> ; List of accepted methods
> ; methods =
>
> Some tests have been added but we need to increase their number to be sure
> to cover all the features presented here.
>
> Anyway please tests, and let me know. This feature is available in the
> branch COUCHDB-431_cors:
>
> Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/0777262f
>
> Please test and let me know.
>
> - benoît
>
>
> [1] http://www.w3.org/TR/cors/#preflight-request
>
Re: CORS support
Posted by Paul Davis <pa...@gmail.com>.
On Wed, Oct 31, 2012 at 11:36 PM, john.tiger <jo...@gmail.com> wrote:
> On 10/31/2012 05:52 PM, Benoit Chesneau wrote:
>>
>> Hello all,
>>
>> So I finally committed my patch about CORS support following the current
>> W3C working draft [1]. This patch support simple and preflights requests
>> for a couchdb node. Configuration can also be done for a specific vhost.
>
>
> okay, what am I missing ? on github I do not see any branch 431-CORS I
> only see an old branch 431 by tilgovi
>
>
>
You can pull it directly from ASF easily enough:
$ git remote add apache https://git-wip-us.apache.org/repos/asf/couchdb.git
$ git fetch apache
$ git checkout apache/431-CORS
Re: CORS support
Posted by "john.tiger" <jo...@gmail.com>.
On 10/31/2012 05:52 PM, Benoit Chesneau wrote:
> Hello all,
>
> So I finally committed my patch about CORS support following the current
> W3C working draft [1]. This patch support simple and preflights requests
> for a couchdb node. Configuration can also be done for a specific vhost.
okay, what am I missing ? on github I do not see any branch 431-CORS I
only see an old branch 431 by tilgovi
Re: CORS support
Posted by Benoit Chesneau <bc...@gmail.com>.
right. Just changed that :
https://git-wip-us.apache.org/repos/asf?p=couchdb.git;a=commitdiff;h=915c811a
Thanks!
- benoît
On Thu, Nov 1, 2012 at 9:13 PM, Randall Leeds <ra...@gmail.com>wrote:
> How would you feel to rename "allows_credentials" to just "credentials"?
>
> In the spec, it's "Access-Control-Allow-Credentials" (no 's' on 'allow'),
> and headers and methods use this same form, but in this patch the ini file
> does not use the long (imo) prefix "access-control-allow". I think to be
> consistent and terse it should just be "credentials" "origins" "headers"
> and "methods".
>
>
> On Wed, Oct 31, 2012 at 4:52 PM, Benoit Chesneau <bchesneau@gmail.com
> >wrote:
>
> > Hello all,
> >
> > So I finally committed my patch about CORS support following the current
> > W3C working draft [1]. This patch support simple and preflights requests
> > for a couchdb node. Configuration can also be done for a specific vhost.
> >
> > To enable CORS you need to set the option `cors_enable = true` (by
> default
> > cors is disable). All origins are matched by default.
> >
> > To configure defaults cors settings you need to create the [cors] section
> > in the ini file:
> >
> > [cors]
> > allows_credentials = false
> > ; List of origins separated by a comma
> > ;origins =
> > ; List of accepted headers separated by a comma
> > ; headers =
> > ; List of accepted methods
> > ; methods =
> >
> > allows credentials allows you to accept connections to protected dbs and
> > nodes.
> >
> >
> > To set the options for a vhosts you will need to create a section with
> the
> > vhost name prefixed by "cors:" . Ex for the vhost example.com:
> >
> > ; Configuration for a vhost
> > :[cors:example.com]
> > ; allows_credentials = false
> > ; List of origins separated by a comma
> > ;origins =
> > ; List of accepted headers separated by a comma
> > ; headers =
> > ; List of accepted methods
> > ; methods =
> >
> > Some tests have been added but we need to increase their number to be
> sure
> > to cover all the features presented here.
> >
> > Anyway please tests, and let me know. This feature is available in the
> > branch COUCHDB-431_cors:
> >
> > Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/0777262f
> >
> > Please test and let me know.
> >
> > - benoît
> >
> >
> > [1] http://www.w3.org/TR/cors/#preflight-request
> >
>
Re: CORS support
Posted by Randall Leeds <ra...@gmail.com>.
How would you feel to rename "allows_credentials" to just "credentials"?
In the spec, it's "Access-Control-Allow-Credentials" (no 's' on 'allow'),
and headers and methods use this same form, but in this patch the ini file
does not use the long (imo) prefix "access-control-allow". I think to be
consistent and terse it should just be "credentials" "origins" "headers"
and "methods".
On Wed, Oct 31, 2012 at 4:52 PM, Benoit Chesneau <bc...@gmail.com>wrote:
> Hello all,
>
> So I finally committed my patch about CORS support following the current
> W3C working draft [1]. This patch support simple and preflights requests
> for a couchdb node. Configuration can also be done for a specific vhost.
>
> To enable CORS you need to set the option `cors_enable = true` (by default
> cors is disable). All origins are matched by default.
>
> To configure defaults cors settings you need to create the [cors] section
> in the ini file:
>
> [cors]
> allows_credentials = false
> ; List of origins separated by a comma
> ;origins =
> ; List of accepted headers separated by a comma
> ; headers =
> ; List of accepted methods
> ; methods =
>
> allows credentials allows you to accept connections to protected dbs and
> nodes.
>
>
> To set the options for a vhosts you will need to create a section with the
> vhost name prefixed by "cors:" . Ex for the vhost example.com:
>
> ; Configuration for a vhost
> :[cors:example.com]
> ; allows_credentials = false
> ; List of origins separated by a comma
> ;origins =
> ; List of accepted headers separated by a comma
> ; headers =
> ; List of accepted methods
> ; methods =
>
> Some tests have been added but we need to increase their number to be sure
> to cover all the features presented here.
>
> Anyway please tests, and let me know. This feature is available in the
> branch COUCHDB-431_cors:
>
> Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/0777262f
>
> Please test and let me know.
>
> - benoît
>
>
> [1] http://www.w3.org/TR/cors/#preflight-request
>
Re: CORS support
Posted by Randall Leeds <ra...@gmail.com>.
On Sat, Nov 3, 2012 at 2:55 PM, john.tiger <jo...@gmail.com>wrote:
> On 11/03/2012 12:15 PM, Benoit Chesneau wrote:
>
>> bump.
>>
>> Anyone tried it ?
>>
>
> we are trying it today - delayed by not realizing we needed to run
> autoconf (should be in docs)
>
>
./bootstrap
... does all the autoconf for you.
Re: CORS support
Posted by "john.tiger" <jo...@gmail.com>.
On 11/04/2012 01:34 AM, Simon Metson wrote:
> Hi John,
>> we are trying it today - delayed by not realizing we needed to run
>> autoconf (should be in docs)
> It is, in the DEVELOPERS file (which took me a while to notice, too).
okay and with @randall's suggestion ./bootstrap seemed to work okay -
but still not sure where to enable cors in config - just don't see it
anywhere
Re: CORS support
Posted by Simon Metson <si...@cloudant.com>.
Hi John,
On Saturday, 3 November 2012 at 21:55, john.tiger wrote:
> On 11/03/2012 12:15 PM, Benoit Chesneau wrote:
> > bump.
> >
> > Anyone tried it ?
>
> we are trying it today - delayed by not realizing we needed to run
> autoconf (should be in docs)
It is, in the DEVELOPERS file (which took me a while to notice, too).
Cheers
Simon
Re: CORS support
Posted by "john.tiger" <jo...@gmail.com>.
On 11/03/2012 12:15 PM, Benoit Chesneau wrote:
> bump.
>
> Anyone tried it ?
we are trying it today - delayed by not realizing we needed to run
autoconf (should be in docs)
Re: CORS support
Posted by Benoit Chesneau <bc...@gmail.com>.
On Sat, Nov 3, 2012 at 9:39 PM, Dale Harvey <da...@arandomurl.com> wrote:
> I havent had a chance yet but will definitely testing it out tomorrow
>
> Thanks!
Re: CORS support
Posted by Dale Harvey <da...@arandomurl.com>.
I havent had a chance yet but will definitely testing it out tomorrow
On 3 November 2012 11:35, Robert Newson <rn...@apache.org> wrote:
> Haven't had a chance yet, let's not merge until a review or two
>
>
> On 3 November 2012 18:15, Benoit Chesneau <bc...@gmail.com> wrote:
>
> > bump.
> >
> > Anyone tried it ? Is a merge in master OK for you?
> >
> > - benoît
> >
> >
> > On Thu, Nov 1, 2012 at 12:52 AM, Benoit Chesneau <bchesneau@gmail.com
> > >wrote:
> >
> > > Hello all,
> > >
> > > So I finally committed my patch about CORS support following the
> current
> > > W3C working draft [1]. This patch support simple and preflights
> requests
> > > for a couchdb node. Configuration can also be done for a specific
> vhost.
> > >
> > > To enable CORS you need to set the option `cors_enable = true` (by
> > > default cors is disable). All origins are matched by default.
> > >
> > > To configure defaults cors settings you need to create the [cors]
> section
> > > in the ini file:
> > >
> > > [cors]
> > > allows_credentials = false
> > > ; List of origins separated by a comma
> > > ;origins =
> > > ; List of accepted headers separated by a comma
> > > ; headers =
> > > ; List of accepted methods
> > > ; methods =
> > >
> > > allows credentials allows you to accept connections to protected dbs
> and
> > > nodes.
> > >
> > >
> > > To set the options for a vhosts you will need to create a section with
> > the
> > > vhost name prefixed by "cors:" . Ex for the vhost example.com:
> > >
> > > ; Configuration for a vhost
> > > :[cors:example.com]
> > > ; allows_credentials = false
> > > ; List of origins separated by a comma
> > > ;origins =
> > > ; List of accepted headers separated by a comma
> > > ; headers =
> > > ; List of accepted methods
> > > ; methods =
> > >
> > > Some tests have been added but we need to increase their number to be
> > sure
> > > to cover all the features presented here.
> > >
> > > Anyway please tests, and let me know. This feature is available in the
> > > branch COUCHDB-431_cors:
> > >
> > > Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/0777262f
> > >
> > > Please test and let me know.
> > >
> > > - benoît
> > >
> > >
> > > [1] http://www.w3.org/TR/cors/#preflight-request
> > >
> >
>
Re: CORS support
Posted by Robert Newson <rn...@apache.org>.
Haven't had a chance yet, let's not merge until a review or two
On 3 November 2012 18:15, Benoit Chesneau <bc...@gmail.com> wrote:
> bump.
>
> Anyone tried it ? Is a merge in master OK for you?
>
> - benoît
>
>
> On Thu, Nov 1, 2012 at 12:52 AM, Benoit Chesneau <bchesneau@gmail.com
> >wrote:
>
> > Hello all,
> >
> > So I finally committed my patch about CORS support following the current
> > W3C working draft [1]. This patch support simple and preflights requests
> > for a couchdb node. Configuration can also be done for a specific vhost.
> >
> > To enable CORS you need to set the option `cors_enable = true` (by
> > default cors is disable). All origins are matched by default.
> >
> > To configure defaults cors settings you need to create the [cors] section
> > in the ini file:
> >
> > [cors]
> > allows_credentials = false
> > ; List of origins separated by a comma
> > ;origins =
> > ; List of accepted headers separated by a comma
> > ; headers =
> > ; List of accepted methods
> > ; methods =
> >
> > allows credentials allows you to accept connections to protected dbs and
> > nodes.
> >
> >
> > To set the options for a vhosts you will need to create a section with
> the
> > vhost name prefixed by "cors:" . Ex for the vhost example.com:
> >
> > ; Configuration for a vhost
> > :[cors:example.com]
> > ; allows_credentials = false
> > ; List of origins separated by a comma
> > ;origins =
> > ; List of accepted headers separated by a comma
> > ; headers =
> > ; List of accepted methods
> > ; methods =
> >
> > Some tests have been added but we need to increase their number to be
> sure
> > to cover all the features presented here.
> >
> > Anyway please tests, and let me know. This feature is available in the
> > branch COUCHDB-431_cors:
> >
> > Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/0777262f
> >
> > Please test and let me know.
> >
> > - benoît
> >
> >
> > [1] http://www.w3.org/TR/cors/#preflight-request
> >
>
Re: CORS support
Posted by Benoit Chesneau <bc...@gmail.com>.
bump.
Anyone tried it ? Is a merge in master OK for you?
- benoît
On Thu, Nov 1, 2012 at 12:52 AM, Benoit Chesneau <bc...@gmail.com>wrote:
> Hello all,
>
> So I finally committed my patch about CORS support following the current
> W3C working draft [1]. This patch support simple and preflights requests
> for a couchdb node. Configuration can also be done for a specific vhost.
>
> To enable CORS you need to set the option `cors_enable = true` (by
> default cors is disable). All origins are matched by default.
>
> To configure defaults cors settings you need to create the [cors] section
> in the ini file:
>
> [cors]
> allows_credentials = false
> ; List of origins separated by a comma
> ;origins =
> ; List of accepted headers separated by a comma
> ; headers =
> ; List of accepted methods
> ; methods =
>
> allows credentials allows you to accept connections to protected dbs and
> nodes.
>
>
> To set the options for a vhosts you will need to create a section with the
> vhost name prefixed by "cors:" . Ex for the vhost example.com:
>
> ; Configuration for a vhost
> :[cors:example.com]
> ; allows_credentials = false
> ; List of origins separated by a comma
> ;origins =
> ; List of accepted headers separated by a comma
> ; headers =
> ; List of accepted methods
> ; methods =
>
> Some tests have been added but we need to increase their number to be sure
> to cover all the features presented here.
>
> Anyway please tests, and let me know. This feature is available in the
> branch COUCHDB-431_cors:
>
> Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/0777262f
>
> Please test and let me know.
>
> - benoît
>
>
> [1] http://www.w3.org/TR/cors/#preflight-request
>