You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@camel.apache.org by "Claus Ibsen (JIRA)" <ji...@apache.org> on 2016/03/14 14:33:33 UTC

[jira] [Created] (CAMEL-9704) rest-dsl - Options requests should not be routed

Claus Ibsen created CAMEL-9704:
----------------------------------

             Summary: rest-dsl - Options requests should not be routed
                 Key: CAMEL-9704
                 URL: https://issues.apache.org/jira/browse/CAMEL-9704
             Project: Camel
          Issue Type: Improvement
          Components: camel-core, rest
            Reporter: Claus Ibsen
            Assignee: Claus Ibsen
             Fix For: 2.17.0


If using rest-dsl and sending in a HTTP OPTIONS then we should just return back the CORS headers, and not route in Camel.

This is also to support the pre-flight HTTP OPTIONS requests, where rest-dsl returns the CORS headers, then the client can send the actual HTTP request afterwards.

Some good details of CORS here
https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS

We should maybe also consider trying to leverage native cors filters from jetty / netty etc if they provide one and use that. Though these filters like rest-dsl tend to just specify that anything is possible.

We could in rest-dsl look at the rest model and know what each url path has of HTTP methods, so we can return that instead of allowing all HTTP methods.

if there is a simple rest-dsl model with only 
GET /users/{id}
POST /users

Then the allowed methods is GET, POST for /users and only GET for /users/123.






--
This message was sent by Atlassian JIRA
(v6.3.4#6332)