Closed m1h43l closed 4 years ago
But CORS is just headers - You can add as manu you like. What am I missing?
The problem is that there is currently no API to add HTTP headers to the response. I once started it but failed due to the string handling in C. #19 is still open.
In the first step we could add the default CORS headers for making the REST service available for everybody. But in the second step we need to add some configuration who may use the REST service and the plugin should then add the corresponding CORS headers if the requestor is valid.
This means that we need to make the configuration available to the plugins and servlets (perhaps via a noxdb graph).
Same problems with the BasicAuth plugin. We need to have the realm configurable and the possibility to add HTTP headers to the response.
There is another open issue #11 which could help with this. Why not having separate programs for loading the configuration (different implemenation: json, yaml, database, rest service). The program could build the noxdb graph and pass it to the ileastic service:
il_setConfiguration(configuration pointer);
If #85 is done then we could implement end point specific CORS header because we can identify the endpoint in the plugin.
CORS support was added with pull request #93
Many JavaScript application need CORS support for their REST services if JSONP is not used.