Uploaded image for project: 'Magnolia REST Framework'
  1. Magnolia REST Framework
  2. MGNLREST-147

Rest tools are limited to run only from one configured domain

    XMLWordPrintable

Details

    • Task
    • Resolution: Unresolved
    • Neutral
    • None
    • None
    • None
    • None

    Description

      Problem is that swagger is limited to run only from one configured domain(apiBasepath) and we are not support any kind of authentication(https://swagger.io/docs/specification/authentication/).

      Example:
      https://demo.magnolia-cms.com
      https://demoauthor.magnolia-cms.com
      Rest tool apiBasepath is configured to = https://demo.magnolia-cms.com/.rest

      Then Rest Tools app works correctly if visited via https://demo.magnolia-cms.com, credentials of logged user are used(JSESSION).

      If visited from https://demoauthor.magnolia-cms.com then "Can't read from server. It may not have the appropriate access-control-origin settings." occurs. We can use link CORS filter module to allow cross-origin resource sharing, but this doesn't help because we are accessing rest from different domain so all request are done by anonymous user

      Checklists

        Acceptance criteria

        Attachments

          Issue Links

            Activity

              People

                Unassigned Unassigned
                mdivilek Milan Divilek
                Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                  Created:
                  Updated:

                  Checklists

                    Task DoR