Closed javaConductor closed 9 years ago
Done. CORS, Compression, ClientCaching
Should be possible to NOT use the LDAP plugin, because it requires spring-ldap-template.
I do suggest adding at least an additional constructor that do not register any plugin. Perhaps use configuration methods for each built-in plugin. E.g.
def pm = PluginMgr.instance().useCORS().useCOMPRESSION()
Ldap is becoming an external plugin in 0.9.8. I didnt really want a Spring dependency. Registered just means that gServ knows about it but no server instance is using it til declared.
I cloned and changed relevant parts of the plugin-mgr to
private def PluginMgr() {}
def useCORS() {
register('cors', CorsPlugin.class)
return this
}
def useCACHING() {
register('caching', CachingPlugin.class)
return this
}
def useCOMPRESSION() {
register('compression', CompressionPlugin.class)
return this
}
def useLDAP() {
register('ldap', LdapPlugin.class)
return this
}
def useALL() {
useCORS()
useCACHING()
useCOMPRESSION()
useLDAP()
return this
}
I also changed all requestContext.responseHeaders.add
into requestContext.responseHeaders.put
in CorsPlugin, because it was throwing method-not-found errors.
However, stopped working on this as I couldn't get CORS working anyway. Perhaps, I working example might shed some light on this.
Clone the latest in the 0.9.7 branch - the CORS plugin is NOW working.
Working example: https://github.com/javaConductor/gservExamples
SubProject: CrossSiteScripting
The example serves content on 60000 and the REST service on 60001.
Lee
OK. Looks better now. However, I modified the demo code (incl index.html) to blacklist localhost and expected HTTP failure. But got HTTP 200. With the following changes below, I expected the hidden link to fail. Am I missing something?
cors('/internal', whiteList(3600, hostListWithLocalhost))
cors('/hidden', blackList(3600, hostListWithLocalhost))
//...
get('/hidden'){ ->
write( "This is the HIDDEN message.")
}
I updated the examples with a BlackList test as you described. It works in the example. Let me know if this is representative of what your code does. As a rule, if it is allowed as WhiteList it is NOT allowed as a BlackList.
Tried it and even commented out the whiteList line, but still get HTTP 200. i.e. no rejection. To clarify: clicking on the "show hidden" button, should render an error message, not show the "This is the hidden message." message. What am I missing?
Get the latest from 0.9.7 branch and it should work. I see an error msg when i try.
If you have to register it then its NOT built-in.