Uploaded image for project: 'Magnolia REST Framework'
  1. Magnolia REST Framework
  2. MGNLREST-147

Rest tools are limited to run only from one configured domain

XMLWordPrintable

    • Icon: Task Task
    • Resolution: Unresolved
    • Icon: Neutral Neutral
    • None
    • None
    • None
    • None

      Problem is that swagger is limited to run only from one configured domain(apiBasepath) and we are not support any kind of authentication(https://swagger.io/docs/specification/authentication/).

      Example:
      https://demo.magnolia-cms.com
      https://demoauthor.magnolia-cms.com
      Rest tool apiBasepath is configured to = https://demo.magnolia-cms.com/.rest

      Then Rest Tools app works correctly if visited via https://demo.magnolia-cms.com, credentials of logged user are used(JSESSION).

      If visited from https://demoauthor.magnolia-cms.com then "Can't read from server. It may not have the appropriate access-control-origin settings." occurs. We can use link CORS filter module to allow cross-origin resource sharing, but this doesn't help because we are accessing rest from different domain so all request are done by anonymous user

        Acceptance criteria

              Unassigned Unassigned
              mdivilek Milan Divilek
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:

                  Task DoR