Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-users] Why no OPTIONS request for the CrossOriginFilter?


On Wed, Jul 9, 2014 at 7:11 AM, Marcel Stör <marcel@xxxxxxxxxxxxxx> wrote:
> On 09.07.2014 01:15, Joakim Erdfelt wrote:
>> We do have support in CrossOriginFilter for preflight / OPTIONS requests.
> Yes, you do.
>> Is there something else you are concerned about?
>> Not sure we understand what you are asking...
> The documentation says that the OPTIONS method be not supported /by
> default/:
> "allowedMethods
> a comma separated list of HTTP methods that are allowed to be used when
> accessing the resources. Default value is GET,POST"
> However, I just noticed that the Javadoc, and the implementation, says
> something else:
> "Default value is GET,POST,HEAD"
> So, it looks like both the Javadoc and the documentation should be updated
> to reflect that all four of GET, POST, HEAD and OPTIONS are supported by
> default.

I have updated the documentation.
OPTIONS is not a method you use to retrieve resources, so does not
belong to allowedMethods.

Thanks !

Simone Bordet
Developer advice, training, services and support
from the Jetty & CometD experts.
Intalio, the modern way to build business applications.

Back to the top