You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@camel.apache.org by "Claus Ibsen (JIRA)" <ji...@apache.org> on 2016/03/14 14:33:33 UTC
[jira] [Created] (CAMEL-9704) rest-dsl - Options requests should
not be routed
Claus Ibsen created CAMEL-9704:
----------------------------------
Summary: rest-dsl - Options requests should not be routed
Key: CAMEL-9704
URL: https://issues.apache.org/jira/browse/CAMEL-9704
Project: Camel
Issue Type: Improvement
Components: camel-core, rest
Reporter: Claus Ibsen
Assignee: Claus Ibsen
Fix For: 2.17.0
If using rest-dsl and sending in a HTTP OPTIONS then we should just return back the CORS headers, and not route in Camel.
This is also to support the pre-flight HTTP OPTIONS requests, where rest-dsl returns the CORS headers, then the client can send the actual HTTP request afterwards.
Some good details of CORS here
https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS
We should maybe also consider trying to leverage native cors filters from jetty / netty etc if they provide one and use that. Though these filters like rest-dsl tend to just specify that anything is possible.
We could in rest-dsl look at the rest model and know what each url path has of HTTP methods, so we can return that instead of allowing all HTTP methods.
if there is a simple rest-dsl model with only
GET /users/{id}
POST /users
Then the allowed methods is GET, POST for /users and only GET for /users/123.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)