CORS configuration in the admin

[danielniccoli]

Original author: ste...@konink.de (October 03, 2011 12:32:43)

What steps will reproduce the problem?

1. Currently we can configure caching in the admin.
2. What about configuring cross-origin resource sharing?
3. http://www.w3.org/TR/cors/

What is the expected output? What do you see instead? Based on the selection, Cherokee should add headers. This could be a wizard, but I rather see it as options in the admin.

Original issue: http://code.google.com/p/cherokee/issues/detail?id=1274

[danielniccoli]

From alobbs on October 03, 2011 22:05:49 Stefan,

Please, provide a step-by-step description of how to reproduce the problem - and, just in case, a description of what the actual problem is. -- Thanks.

[danielniccoli]

From ste...@konink.de on October 03, 2011 22:11:21 In principle from the admin I would like to be able to configure CORS in a human-understandable way. Similar what we do to cache-control. Practically the cherokee-admin should configure what headers should be added.

Which the following are the headers presented; 4.1. Access-Control-Allow-Origin Response Header 4.2. Access-Control-Allow-Credentials Response Header 4.3. Access-Control-Expose-Headers Response Header 4.4. Access-Control-Max-Age Response Header 4.5. Access-Control-Allow-Methods Response Header 4.6. Access-Control-Allow-Headers Response Header 4.7. Origin Request Header 4.8. Access-Control-Request-Method Request Header 4.9. Access-Control-Request-Headers Request Header

Is this a better description or does a use case still lack?