You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@lucene.apache.org by "Jan Høydahl (JIRA)" <ji...@apache.org> on 2018/04/30 11:18:00 UTC

[jira] [Created] (SOLR-12292) Make it easier to configure Solr with CORS

Jan Høydahl created SOLR-12292:
----------------------------------

             Summary: Make it easier to configure Solr with CORS
                 Key: SOLR-12292
                 URL: https://issues.apache.org/jira/browse/SOLR-12292
             Project: Solr
          Issue Type: Improvement
      Security Level: Public (Default Security Level. Issues are Public)
          Components: Server
            Reporter: Jan Høydahl


While working on SOLR-8207 I wanted to collect info from other SolrCloud nodes from the AdminUI. However this is blocked by [CORS|https://en.wikipedia.org/wiki/Cross-origin_resource_sharing] policy. In that Jira I instead did the fan-out on the Solr server side for the two handler I needed.

It would be nice if all nodes in a SolrCloud cluster could automatically accept any other node as a legal origin, and make it easy for users to add other origins by config.

If we use the [Jetty CORS filter|http://www.eclipse.org/jetty/documentation/9.4.9.v20180320/cross-origin-filter.html] in web.xml, perhaps we could parse a env.var from solr.in.xx and inject into the {{allowedOrigins}} property of that filter? There is also SOLR-6059 which tries to implement CORS inside of Solr handlers and not in Jetty. Don't know pros/cons of those.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org