[ https://issues.apache.org/jira/browse/KNOX-634?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Larry McCay resolved KNOX-634. ------------------------------ Resolution: Fixed > CORS Support as Part of WebAppSec Provider > ------------------------------------------ > > Key: KNOX-634 > URL: https://issues.apache.org/jira/browse/KNOX-634 > Project: Apache Knox > Issue Type: Improvement > Components: Server > Reporter: Larry McCay > Assignee: Larry McCay > Fix For: 0.7.0 > > > Currently, CORS support exists only within the SSOCookieProvider in order to > accommodate browser based REST calls from apps that are served from a > different origin. > Refactoring this out to a separately configurable provider allows it to be > used with any authentication provider. Although we may need to deal with > preflight requests from the browser in (or around) the other > authentication/federation providers. OPTIONS requests will need to be able to > get through without being authenticated - or at least handled in the CORS > provider with a pivot that satisfies the preflight request. This will be done > in follow up JIRAs as appropriate. > {code} > <provider> > <role>webappsec</role> > <name>WebAppSec</name> > <enabled>true</enabled> > <param> > <name>cors.enabled</name> > <value>true</value> > </param> > </provider> > {code} -- This message was sent by Atlassian JIRA (v6.3.4#6332)