CODEWITHSUNDEEP
restcorsapache-camel
Zeitoun
Zeitoun

Reputation: 173

Cors configuration with camel

I have an AJAX request to my Rest Webservice with a custom Header "login".

Here is my rest configuration :

restConfiguration()
.component("netty4-http")
.bindingMode(RestBindingMode.json)
.dataFormatProperty("prettyPrint", "true")
.enableCORS(true)
.corsAllowCredentials(true)
.corsHeaderProperty("Access-Control-Allow-Headers", "Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, login")
.contextPath(contextPath).host(host).port(port);

I'm getting a 200 response to the OPTIONS preflight request but the "login" Header is not the Access-Control-Allow-Headers and my browser never send the actual request.

Also i have not done any configuration in my route for cors.

Here is my request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:58.0) Gecko/20100101 Firefox/58.0

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8

Accept-Language: fr,fr-FR;q=0.8,en-US;q=0.5,en;q=0.3

Accept-Encoding: gzip, deflate

Access-Control-Request-Method: GET

Access-Control-Request-Headers: login

Origin: http://127.0.0.1:8081

DNT: 1

Connection: keep-alive

And responce headers :

content-length: 0

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8

Accept-Encoding: gzip, deflate

Accept-Language: fr,fr-FR;q=0.8,en-US;q=0.5,en;q=0.3

Access-Control-Allow-Credentials: true

Access-Control-Allow-Headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, CONNECT, PATCH

Access-Control-Allow-Origin: http://127.0.0.1:8081

Access-Control-Max-Age: 3600

Access-Control-Request-Headers: login

Access-Control-Request-Method: GET

breadcrumbId: ID-resitt-ws-1521624297667-0-6

DNT: 1

Origin: http://127.0.0.1:8081

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:58.0) Gecko/20100101 Firefox/58.0

connection: keep-alive (modifié)

I feel like my cors configuration doesn't change anything to my situation.

Upvotes: 1

Views: 2673

Answers (2)

raisercostin
raisercostin

Reputation: 9189

In my case the CORS headers wheren't in http response when the camel thrown an exception and returned a 500 error.

Upvotes: 0

Zeitoun
Zeitoun

Reputation: 173

We found an answer, .enableCORS(true) must be placed after .contextPath(contextPath).host(host).port(port) line.

like this 

restConfiguration()
.component("netty4-http")
.bindingMode(RestBindingMode.json)
.dataFormatProperty("prettyPrint", "true")
.contextPath(contextPath).host(host).port(port)
.enableCORS(true)
.corsAllowCredentials(true)
.corsHeaderProperty("Access-Control-Allow-Headers", "Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, login");

Upvotes: 5

Related Questions