Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-users] Why no OPTIONS request for the CrossOriginFilter?

We do have support in CrossOriginFilter for preflight / OPTIONS requests.

https://github.com/eclipse/jetty.project/blob/master/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/CrossOriginFilter.java#L227-L235
and
https://github.com/eclipse/jetty.project/blob/master/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/CrossOriginFilter.java#L329-L337

That should handle the cases you linked to.
Is there something else you are concerned about?
Not sure we understand what you are asking...


--
Joakim Erdfelt <joakim@xxxxxxxxxxx>
Expert advice, services and support from from the Jetty & CometD experts


On Fri, Jul 4, 2014 at 1:59 PM, Marcel Stör <marcel@xxxxxxxxxxxxxx> wrote:
CORS preflight requests are sent by the OPTIONS method[1]. Is there a particular reason why the CrossOriginFilter[2] does not support OPTIONS requests by default? It's easy to configure but I'd still be interested why I would need to configure that standard case at all.

Cheers,
Marcel

[1] http://tinyurl.com/nklyxju
[2] http://tinyurl.com/nd2mphc

--
Marcel Stör, http://frightanic.com
Couchsurfing: http://www.couchsurfing.com/people/marcelstoer
O< ascii ribbon campaign - stop html mail - www.asciiribbon.org
_______________________________________________
jetty-users mailing list
jetty-users@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users


Back to the top