search

mendix / RestServices

REST service module for Mendix. Supports consuming and publishing REST based services and real-time data synchronization. Supports JSON, form-encoded, multipart and binary data transport.
Apache License 2.0
31 stars 46 forks source link

CORS support #76

Closed rdekkers closed 8 years ago

rdekkers commented 8 years ago

Is there a clean way to support CORS?

JelleDekker commented 8 years ago

I'm also very curious about this

ako commented 8 years ago

What is the use case for this?

Verstuurd vanaf mijn iPhone

Op 20 apr. 2016 om 15:11 heeft Jelle notifications@github.com het volgende geschreven:

I'm also very curious about this

— You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub

JelleDekker commented 8 years ago

In my case, another application wants to use our data by calling the rest-service client-side from their application, via https.

rdekkers commented 8 years ago

The Rest client calls services outside the domain of the code base. If the client requires CORS support (e.g. javascript in a browser) then there will be preflights with method OPTIONS.

ako commented 8 years ago

You mean a non Mendix JavaScript rest client? Not the rest module as a client?

We will not add this short term to the rest module. We are working on native rest in the Mendix platform. We can consider it there, but will not be first priority.

If you need if, you can of course add the functionality yourself in the source on github.

Verstuurd vanaf mijn iPhone

Op 20 apr. 2016 om 17:24 heeft rdekkers notifications@github.com het volgende geschreven:

The Rest client calls services outside the domain of the code base. If the client requires CORS support (e.g. javascript in a browser) then there will be preflights with method OPTIONS.

— You are receiving this because you commented. Reply to this email directly or view it on GitHub

JelleDekker commented 8 years ago

I mean a published rest service via the Mendix rest module, which is called from a non-Mendix client yes.

I'll look in the source code then, thanks. Native rest in Mendix sounds exiting.

Op 20 apr. 2016 om 17:39 heeft Andrej Koelewijn notifications@github.com het volgende geschreven:

You mean a non Mendix JavaScript rest client? Not the rest module as a client?

We will not add this short term to the rest module. We are working on native rest in the Mendix platform. We can consider it there, but will not be first priority.

If you need if, you can of course add the functionality yourself in the source on github.

Verstuurd vanaf mijn iPhone

Op 20 apr. 2016 om 17:24 heeft rdekkers notifications@github.com het volgende geschreven:

The Rest client calls services outside the domain of the code base. If the client requires CORS support (e.g. javascript in a browser) then there will be preflights with method OPTIONS.

— You are receiving this because you commented. Reply to this email directly or view it on GitHub

— You are receiving this because you commented. Reply to this email directly or view it on GitHub

JelleDekker commented 8 years ago

What is the roadmap/timeframe for native REST in Mendix, and will it include CORS?

mweststrate commented 8 years ago

Note that you should be able to set your own CORS headers on individual microflows published by the Rest services module using setResponseHeader java action. For the explanation of CORS headers see https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS

You could also consider fixing this on nginx level which might be a more appropriate place, depending on your hosting solution and acceptability of security implications.