[MGNLDEMO-312] Travel demo should add CORS headers to images and assets Created: 12/Mar/19  Updated: 25/Jun/20

Status: Open
Project: Magnolia Demo Projects
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Improvement Priority: Major
Reporter: Christopher Zimmermann Assignee: Unassigned
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Relates
relates to MGNLDEMO-272 Use official AddHeadersFilter instead... Closed
Template:
Acceptance criteria:
Empty
Task DoD:
[ ]* Doc/release notes changes? Comment present?
[ ]* Downstream builds green?
[ ]* Solution information and context easily available?
[ ]* Tests
[ ]* FixVersion filled and not yet released
[ ]  Architecture Decision Record (ADR)

 Description   

User Story:

As a developer i want to get images and assets from magnolia demo project from other systems without any CORS problems so that I can test, demo, and evaluate full headless applications on Magnolia.

Acceptance Criteria

Requests for /.imaging/ and /dam/ urls will get all proper CORS headers.

Requests for /.rest/ will continue to get CORS headers.

Suggestion

Under the current /server/filters/addCORSHeaders/bypasses,

replace the "bypassForEverythingElseThanRest" with something like the following:

doNotBypassRestAndDamAndImaging 
class: info.magnolia.voting.voters.URIRegexVoter
not: true 
pattern: ^\/(\.imaging|\.rest|dam)\/(.*)

 

(Note: I tried this simpler way previously - but it does not seem to work because of the dots.)

doNotBypassRestAndDamAndImaging
  class: info.magnolia.voting.voters.URIPatternVoter
  not: true
  pattern: /(.rest|.imaging|dam)/*

 

 

 


Generated at Mon Feb 12 05:18:25 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.