OK, but attaching it to a JIRA still gives is clear provenance and we
can find it a home later.
On Fri, Nov 18, 2011 at 11:48 AM, Sergey Beryozkin <sberyoz...@gmail.com> wrote:
> Hi Benson
> On 18/11/11 00:25, Benson Margulies wrote:
>>
>> Serg,
>>
>> To contribute code, it's preferred, if possible, to attach it to a JIRA.
>>
> I was thinking of simply documenting it for a start as I'm not sure where to
> add this code to. I guess I'd like it to go to a sep module but at this
> stage creating a module for keeping two simple filters may be a bit early.
> We can have another extension package added for a start to the rs frontend,
> and move it elsewhere, but I'm a bit cautious about it too as the frontend
> module is becoming quite monolitic and it will need to be split in time too,
> so I'm thinking that may be we just doc it and users will simply copy &
> paste the simple code, same way we started with JSONP code fragments.
>
>
> Sergey
>
>> --benson
>>
>>
>> On Thu, Nov 17, 2011 at 12:39 PM, sergkorney<sergkor...@gmail.com> wrote:
>>>
>>> here it is:
>>>
>>> public class JaxrsCorsInputFilter implements RequestHandler {
>>>
>>> final static String HEADER_ORIGIN = "origin";
>>>
>>> @Context
>>> private HttpHeaders headers;
>>>
>>> private List<String> allowedOrigins;
>>>
>>> public void setAllowedOrigins(List<String> allowedOrigins) {
>>> this.allowedOrigins = allowedOrigins;
>>> }
>>>
>>> @Override
>>> public Response handleRequest(Message m, ClassResourceInfo
>>> resourceClass) {
>>> if ("OPTIONS".equals(m.get(Message.HTTP_REQUEST_METHOD))) {
>>> OperationResourceInfo opResInfo =
>>> m.getExchange().get(OperationResourceInfo.class);
>>> if (opResInfo != null) { // OPTIONS method defined in
>>> service bean
>>> return null; // continue handling
>>> }
>>> return Response.status(Status.SERVICE_UNAVAILABLE).build();
>>> }
>>> List<String> values = headers.getRequestHeader(HEADER_ORIGIN);
>>> if (values != null ) {
>>> boolean allowed = true;
>>> if (allowedOrigins != null) {
>>> allowed = allowedOrigins.containsAll(values);
>>> }
>>> if (allowed) {
>>> m.getExchange().put(HEADER_ORIGIN, values);
>>> }
>>> }
>>> return null;
>>> }
>>>
>>> }
>>>
>>>
>>> --
>>> View this message in context:
>>> http://cxf.547215.n5.nabble.com/CORS-tp4970153p5001897.html
>>> Sent from the cxf-dev mailing list archive at Nabble.com.
>>>
>
>
> --
> Sergey Beryozkin
>
> http://sberyozkin.blogspot.com
>
> Talend Community Coders
> http://coders.talend.com/
>
