spring - Dart CORS doesn't work -


hello want make request spring server. i'm getting error because of restricted cors option. added filter because annotations doensn't work:

@component public class corsfilter implements filter {      public corsfilter() {      }      @override     public void dofilter(servletrequest req, servletresponse res, filterchain chain)             throws ioexception, servletexception {          httpservletrequest request = (httpservletrequest) req;         httpservletresponse response = (httpservletresponse) res;          response.setheader("access-control-allow-origin", "*");         response.setheader("access-control-allow-credentials", "true");         response.setheader("access-control-allow-methods", "post, get, options, delete");         response.setheader("access-control-max-age", "3600");         response.setheader("access-control-allow-headers", "content-type, accept, x-requested-with, remember-me");          chain.dofilter(request, response);     }     @override     public void init(filterconfig filterconfig) {     }     @override     public void destroy() {      }}

now problem is, cors filter won't work on dart request. on normal browser request header set not in dart http request.

is there solution fix problem?

update 23.09.2016: here http://pastebin.com/9knfx7jd problem filter not affected http call. when access file via url in browser works.

here ajax:

remote address:127.0.0.1:8090 request url:http://localhost:8090/time/time/login request method:options status code:401 unauthorized response headers view source cache-control:no-cache, no-store, max-age=0, must-revalidate connection:keep-alive content-length:114 content-type:text/html;charset=utf-8 date:fri, 23 sep 2016 12:57:55 gmt expires:0 pragma:no-cache server:wildfly/10 set-cookie:jsessionid=zikzlq-ialc6cdx7r6lhpz_8pid05q9ufod6gluz.ccn6dc2; path=/time www-authenticate:basic realm="realm" x-content-type-options:nosniff x-frame-options:deny x-powered-by:undertow/1 x-xss-protection:1; mode=block request headers view source accept:*/* accept-encoding:gzip, deflate, sdch accept-language:en-us,en;q=0.8 access-control-request-headers:content-type access-control-request-method:get connection:keep-alive host:localhost:8090 origin:http://localhost:8080 referer:http://localhost:8080/ user-agent:mozilla/5.0 (windows nt 6.1; wow64) applewebkit/537.36 (khtml, gecko) chrome/45.0.2454.104 (dart) safari/537.36

and here without:

remote address:127.0.0.1:8090 request url:http://localhost:8090/time/time/login request method:get status code:200 ok response headers view source access-control-allow-origin:* cache-control:no-cache, no-store, max-age=0, must-revalidate connection:keep-alive content-length:5 content-type:text/html;charset=iso-8859-1 date:fri, 23 sep 2016 13:10:36 gmt expires:0 pragma:no-cache server:wildfly/10 set-cookie:jsessionid=nqfjgb2m7ovhvt9vunhtcjsxzvezv4wwh0ycrgfk.ccn6dc2; path=/time x-content-type-options:nosniff x-frame-options:deny x-powered-by:undertow/1 x-xss-protection:1; mode=block request headers view source accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 accept-encoding:gzip, deflate, sdch accept-language:en-us,en;q=0.8 authorization:basic c2tvymxlcjptmw1vbjuynzli cache-control:max-age=0 connection:keep-alive cookie:jsessionid=ohj4gvq8pfnv8hsuji49nrxqxovsvmm580ssrvjw.ccn6dc2 host:localhost:8090 upgrade-insecure-requests:1 user-agent:mozilla/5.0 (windows nt 6.1; wow64) applewebkit/537.36 (khtml, gecko) chrome/45.0.2454.104 (dart) safari/537.36

edit 26.09.2016:

okay changed securityconfig this:

@override protected void configure(final httpsecurity http) throws exception { super.configure(http); http.addfilterbefore(new corsfilter(), channelprocessingfilter.class); http.authorizerequests().antmatchers(httpmethod.options).permitall(); http.authorizerequests().antmatchers("/**").authenticated(); } filter beeing called new error: response preflight has invalid http status code 401

headers: access-control-allow-origin:* cache-control:no-cache, no-store, max-age=0, must-revalidate connection:keep-alive content-length:114 content-type:text/html;charset=utf-8 date:mon, 26 sep 2016 12:30:39 gmt

it looks filter not applied options requests.
comment blog post indicates options requests need enabled explicitly:

https://spring.io/blog/2015/06/08/cors-support-in-spring-framework

one "gotcha" found when working cors spring mvc (when using filter or handlerinterceptor) , spring security need explicitly permit options requests handle pre-flight. w3c specification cors says pre-flight requests should not send credentials, have found browsers send credentials, , others don't. if don't permitall options 403 if browser not sending credentials.

will pre-flights requests need configured when using spring security or pre-flight handled before filter chain?

see


-

Comments

Post a Comment

Popular posts from this blog

angular - Is it possible to get native element for formControl? -

i've got angular2 reactive form . created formcontrol s , assigned input fields by [formcontrol]=... . understand creates nativeelement <-> formcontrol link. my question: possible nativeelement formcontrol ? wanna myformcontrol.nativeelement.focus() i can share 1 terrible solution works me. in reactive forms can use either 1) formcontroldirective ts mycontrol = new formcontrol('') template <input type="text" [formcontrol]="mycontrol"> or 2) formcontrolname ts myform: formgroup; constructor(private fb: formbuilder) {} ngoninit() { this.myform = this.fb.group({ foo: '' }); } template <form [formgroup]="myform"> <input type="text" formcontrolname="foo"> </form> so these directives write patch like 1) formcontroldirective const originformcontrolngonchanges = formcontroldirective.prototype.ngonchanges; formcontroldirective.proto
Read more

unity3d - Rotate an object to face an opposite direction -

i have object , b. when click on object b, rotates object b (a faces b). b doesn't face a. need following : when faces b, need face opposite direction. have code rotating @ b. how rotate face opposite direction after that? vector3 targetdirection = target - transform.position; float step = speed * time.deltatime; vector3 newdirection = vector3.rotatetowards (turretdome.transform.forward, targetdirection, step, 0.0f); turretdome.transform.rotation = quaternion.lookrotation (newdirection); you object facing object b, want inverse direction of object after that? objecta.transform.rotation = quaternion.inverse(objecta.transform.rotation) but lets assume example turretdome object a, (negate direction): turretdome.transform.rotation = quaternion.lookrotation (-newdirection); naturally, both of these snippets not show how smoothen rotation, seem know how use time.deltatime. just incase unsure, quaternion.lerp this
Read more

javascript - Why jQuery Select box change event is now working? -

i working on product filters user select select box according his/her preference not getting selected value user in jquery. html code:- <select name="product_filter" id="product_filter"> <option value="price_low_first">price : low high</option> <option value="price_high_first">price : high low</option> <option value="latest">latest</option> <option value="popular">most popular</option> </select> jquery code: $(function () { $("#product_filter").change(function () { alert("hi") var selectedtext = $(this).find("option:selected").text(); var selectedvalue = $(this).val(); alert("selected text: " + selectedtext + " value: " + selectedvalue); }); }); hi believe code perfect. once please check jquery.min.js
Read more