[MGNLREST-258] Provide default CORS configuration Created: 25/Jun/20 Updated: 23/Oct/23 Resolved: 09/Nov/20 |
|
| Status: | Closed |
| Project: | Magnolia REST Framework |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Task | Priority: | Major |
| Reporter: | Christopher Zimmermann | Assignee: | Unassigned |
| Resolution: | Obsolete | Votes: | 1 |
| Labels: | freetrials | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Attachments: |
|
||||||||||||||||
| Issue Links: |
|
||||||||||||||||
| Template: |
|
||||||||||||||||
| Acceptance criteria: |
Empty
|
||||||||||||||||
| Task DoR: |
Empty
|
||||||||||||||||
| Date of First Response: | |||||||||||||||||
| Epic Link: | Headless Phase 2 | ||||||||||||||||
| Description |
|
It is currently a finicky and error-prone step to enable a basic CORS configuration such that a developer can access Magnolia REST endpoints. It can be done with a Java install task, but this is not available in Light Development. Even with the 'content-importer' no ordering of nodes is possible. To solve this we could provide a default CORS configuration in the filter chain, positioned in the correct location in the chain. The filter has 'enabled: false' set so that a developer still has to enable it for it to take effect and allow cross origin access. I would propose the same configuration that is used for the travel demo. See attached YAML bootstrap file. The configuration should not be applied if an 'addCORSFilter' named node is already in place. — With this, then a developer only needs to enable the filter, this could be done either manually or with a bootstrap file. In the future possibly a YAML decorator can also be used. — This is increasingly relevant as more customers use Magnolia in a headless fashion. |
| Comments |
| Comment by Christopher Zimmermann [ 03/Sep/20 ] |
|
This will probably be rendered obsolete by: |