Re: [Dev] [APIM][CORS] Caching preflight response in API Console

2016-11-22 Thread Sanjeewa Malalgoda 
If we set it in velosity it will effect to all tenants in the system. But
if we change it in sequence level different tenants can have their own
configs.
Setting 15 minutes from code looks ok for me. But when we override it we
should let users to change it as they need.

Thanks,
sanjeewa.

On Wed, Nov 23, 2016 at 11:28 AM, Abimaran Kugathasan 
wrote:

> Hi Nuwan,
>
> Shall we have a default value as 15 mins in code level, and let the API
> developer decide to add this property if he wants to increase it.
>
> WDYT?
>
> On Fri, Nov 18, 2016 at 10:41 PM, Abimaran Kugathasan 
> wrote:
>
>> I thought of setting it through in velocity template.
>>
>> On Fri, Nov 18, 2016 at 10:17 PM, Nuwan Dias  wrote:
>>
>>> Can't we use the _cors_request_handler_ sequence to set this value?
>>> Users don't  have access to the synapse api xml file. And even if they
>>> change it, it'll be overriden when you save again unless its set in the
>>> velocity template as well. So if we can maintain it at the sequence these
>>> shouldn't be a problem.
>>>
>>> On Fri, Nov 18, 2016 at 5:28 PM, Abimaran Kugathasan 
>>> wrote:
>>>
 Hi Jo/Nuwan,

 We have to set the property like below. Shall we have 15 mins as the
 default value in code level and let API Developer to override it through
 api synapse xml file like below?

 >>> class="org.wso2.carbon.apimgt.gateway.handlers.security.CORSRequestHandler">
 
 
 


 On Thu, Nov 3, 2016 at 11:57 AM, Joseph Fonseka 
 wrote:

> +1 to merge the fix to carry this forward better if we can add this to
> the publisher UI as well.
>
> Thanks
> Jo
>
> On Thu, Nov 3, 2016 at 11:28 AM, Abimaran Kugathasan <
> abima...@wso2.com> wrote:
>
>> Hi Dev,
>>
>> CORS specification allows caching the preflight response for a
>> certain number of seconds through Access-Control-Max-Age header [1] .
>>
>> Some browsers have this feature by default which overrides this
>> header if the value specified is greater than their value[2]
>>
>> Firefox - 24 hours
>> Chrome - 10 minutes
>> Chromium - 5 seconds
>>
>> Mathieu(https://github.com/mathieu-pousse) has sent a PR though [3].
>> Please review and provide feedback.
>>
>>
>> [1] : https://www.w3.org/TR/cors/#access-control-max-age-respons
>> e-header
>> [2] : https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/
>> Access-Control-Max-Age
>> [3] : https://github.com/wso2/carbon-apimgt/pull/3114
>>
>>
>> --
>> Thanks
>> Abimaran Kugathasan
>> Senior Software Engineer - API Technologies
>>
>> Email : abima...@wso2.com
>> Mobile : +94 773922820
>>
>> 
>> 
>>   
>>   
>>
>>
>
>
> --
>
> --
> *Joseph Fonseka*
> WSO2 Inc.; http://wso2.com
> lean.enterprise.middleware
>
> mobile: +94 772 512 430
> skype: jpfonseka
>
> * *
>
>


 --
 Thanks
 Abimaran Kugathasan
 Senior Software Engineer - API Technologies

 Email : abima...@wso2.com
 Mobile : +94 773922820

 
 
   
 


>>>
>>>
>>> --
>>> Nuwan Dias
>>>
>>> Software Architect - WSO2, Inc. http://wso2.com
>>> email : nuw...@wso2.com
>>> Phone : +94 777 775 729
>>>
>>
>>
>>
>> --
>> Thanks
>> Abimaran Kugathasan
>> Senior Software Engineer - API Technologies
>>
>> Email : abima...@wso2.com
>> Mobile : +94 773922820
>>
>> 
>> 
>>   
>> 
>>
>>
>
>
> --
> Thanks
> Abimaran Kugathasan
> Senior Software Engineer - API Technologies
>
> Email : abima...@wso2.com
> Mobile : +94 773922820
>
> 
> 
>   
> 
>
>


-- 

*Sanjeewa Malalgoda*
WSO2 Inc.
Mobile : +94713068779

blog
:http://sanjeewamalalgoda.blogspot.com/

___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [APIM][CORS] Caching preflight response in API Console

2016-11-22 Thread Abimaran Kugathasan 
Hi Nuwan,

Shall we have a default value as 15 mins in code level, and let the API
developer decide to add this property if he wants to increase it.

WDYT?

On Fri, Nov 18, 2016 at 10:41 PM, Abimaran Kugathasan 
wrote:

> I thought of setting it through in velocity template.
>
> On Fri, Nov 18, 2016 at 10:17 PM, Nuwan Dias  wrote:
>
>> Can't we use the _cors_request_handler_ sequence to set this value? Users
>> don't  have access to the synapse api xml file. And even if they change it,
>> it'll be overriden when you save again unless its set in the velocity
>> template as well. So if we can maintain it at the sequence these shouldn't
>> be a problem.
>>
>> On Fri, Nov 18, 2016 at 5:28 PM, Abimaran Kugathasan 
>> wrote:
>>
>>> Hi Jo/Nuwan,
>>>
>>> We have to set the property like below. Shall we have 15 mins as the
>>> default value in code level and let API Developer to override it through
>>> api synapse xml file like below?
>>>
>>> >> class="org.wso2.carbon.apimgt.gateway.handlers.security.CORSRequestHandler">
>>> 
>>> 
>>> 
>>>
>>>
>>> On Thu, Nov 3, 2016 at 11:57 AM, Joseph Fonseka  wrote:
>>>
 +1 to merge the fix to carry this forward better if we can add this to
 the publisher UI as well.

 Thanks
 Jo

 On Thu, Nov 3, 2016 at 11:28 AM, Abimaran Kugathasan  wrote:

> Hi Dev,
>
> CORS specification allows caching the preflight response for a certain
> number of seconds through Access-Control-Max-Age header [1] .
>
> Some browsers have this feature by default which overrides this header
> if the value specified is greater than their value[2]
>
> Firefox - 24 hours
> Chrome - 10 minutes
> Chromium - 5 seconds
>
> Mathieu(https://github.com/mathieu-pousse) has sent a PR though [3].
> Please review and provide feedback.
>
>
> [1] : https://www.w3.org/TR/cors/#access-control-max-age-respons
> e-header
> [2] : https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/
> Access-Control-Max-Age
> [3] : https://github.com/wso2/carbon-apimgt/pull/3114
>
>
> --
> Thanks
> Abimaran Kugathasan
> Senior Software Engineer - API Technologies
>
> Email : abima...@wso2.com
> Mobile : +94 773922820
>
> 
> 
>   
> 
>
>


 --

 --
 *Joseph Fonseka*
 WSO2 Inc.; http://wso2.com
 lean.enterprise.middleware

 mobile: +94 772 512 430
 skype: jpfonseka

 * *


>>>
>>>
>>> --
>>> Thanks
>>> Abimaran Kugathasan
>>> Senior Software Engineer - API Technologies
>>>
>>> Email : abima...@wso2.com
>>> Mobile : +94 773922820
>>>
>>> 
>>> 
>>>   
>>> 
>>>
>>>
>>
>>
>> --
>> Nuwan Dias
>>
>> Software Architect - WSO2, Inc. http://wso2.com
>> email : nuw...@wso2.com
>> Phone : +94 777 775 729
>>
>
>
>
> --
> Thanks
> Abimaran Kugathasan
> Senior Software Engineer - API Technologies
>
> Email : abima...@wso2.com
> Mobile : +94 773922820
>
> 
> 
>   
> 
>
>


-- 
Thanks
Abimaran Kugathasan
Senior Software Engineer - API Technologies

Email : abima...@wso2.com
Mobile : +94 773922820


  
  
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [APIM][CORS] Caching preflight response in API Console

2016-11-18 Thread Abimaran Kugathasan 
I thought of setting it through in velocity template.

On Fri, Nov 18, 2016 at 10:17 PM, Nuwan Dias  wrote:

> Can't we use the _cors_request_handler_ sequence to set this value? Users
> don't  have access to the synapse api xml file. And even if they change it,
> it'll be overriden when you save again unless its set in the velocity
> template as well. So if we can maintain it at the sequence these shouldn't
> be a problem.
>
> On Fri, Nov 18, 2016 at 5:28 PM, Abimaran Kugathasan 
> wrote:
>
>> Hi Jo/Nuwan,
>>
>> We have to set the property like below. Shall we have 15 mins as the
>> default value in code level and let API Developer to override it through
>> api synapse xml file like below?
>>
>> > class="org.wso2.carbon.apimgt.gateway.handlers.security.CORSRequestHandler">
>> 
>> 
>> 
>>
>>
>> On Thu, Nov 3, 2016 at 11:57 AM, Joseph Fonseka  wrote:
>>
>>> +1 to merge the fix to carry this forward better if we can add this to
>>> the publisher UI as well.
>>>
>>> Thanks
>>> Jo
>>>
>>> On Thu, Nov 3, 2016 at 11:28 AM, Abimaran Kugathasan 
>>> wrote:
>>>
 Hi Dev,

 CORS specification allows caching the preflight response for a certain
 number of seconds through Access-Control-Max-Age header [1] .

 Some browsers have this feature by default which overrides this header
 if the value specified is greater than their value[2]

 Firefox - 24 hours
 Chrome - 10 minutes
 Chromium - 5 seconds

 Mathieu(https://github.com/mathieu-pousse) has sent a PR though [3].
 Please review and provide feedback.


 [1] : https://www.w3.org/TR/cors/#access-control-max-age-respons
 e-header
 [2] : https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/
 Access-Control-Max-Age
 [3] : https://github.com/wso2/carbon-apimgt/pull/3114


 --
 Thanks
 Abimaran Kugathasan
 Senior Software Engineer - API Technologies

 Email : abima...@wso2.com
 Mobile : +94 773922820

 
 
   
 


>>>
>>>
>>> --
>>>
>>> --
>>> *Joseph Fonseka*
>>> WSO2 Inc.; http://wso2.com
>>> lean.enterprise.middleware
>>>
>>> mobile: +94 772 512 430
>>> skype: jpfonseka
>>>
>>> * *
>>>
>>>
>>
>>
>> --
>> Thanks
>> Abimaran Kugathasan
>> Senior Software Engineer - API Technologies
>>
>> Email : abima...@wso2.com
>> Mobile : +94 773922820
>>
>> 
>> 
>>   
>> 
>>
>>
>
>
> --
> Nuwan Dias
>
> Software Architect - WSO2, Inc. http://wso2.com
> email : nuw...@wso2.com
> Phone : +94 777 775 729
>



-- 
Thanks
Abimaran Kugathasan
Senior Software Engineer - API Technologies

Email : abima...@wso2.com
Mobile : +94 773922820


  
  
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [APIM][CORS] Caching preflight response in API Console

2016-11-18 Thread Nuwan Dias 
Can't we use the _cors_request_handler_ sequence to set this value? Users
don't  have access to the synapse api xml file. And even if they change it,
it'll be overriden when you save again unless its set in the velocity
template as well. So if we can maintain it at the sequence these shouldn't
be a problem.

On Fri, Nov 18, 2016 at 5:28 PM, Abimaran Kugathasan 
wrote:

> Hi Jo/Nuwan,
>
> We have to set the property like below. Shall we have 15 mins as the
> default value in code level and let API Developer to override it through
> api synapse xml file like below?
>
>  class="org.wso2.carbon.apimgt.gateway.handlers.security.CORSRequestHandler">
> 
> 
> 
>
>
> On Thu, Nov 3, 2016 at 11:57 AM, Joseph Fonseka  wrote:
>
>> +1 to merge the fix to carry this forward better if we can add this to
>> the publisher UI as well.
>>
>> Thanks
>> Jo
>>
>> On Thu, Nov 3, 2016 at 11:28 AM, Abimaran Kugathasan 
>> wrote:
>>
>>> Hi Dev,
>>>
>>> CORS specification allows caching the preflight response for a certain
>>> number of seconds through Access-Control-Max-Age header [1] .
>>>
>>> Some browsers have this feature by default which overrides this header
>>> if the value specified is greater than their value[2]
>>>
>>> Firefox - 24 hours
>>> Chrome - 10 minutes
>>> Chromium - 5 seconds
>>>
>>> Mathieu(https://github.com/mathieu-pousse) has sent a PR though [3].
>>> Please review and provide feedback.
>>>
>>>
>>> [1] : https://www.w3.org/TR/cors/#access-control-max-age-response-header
>>> [2] : https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/
>>> Access-Control-Max-Age
>>> [3] : https://github.com/wso2/carbon-apimgt/pull/3114
>>>
>>>
>>> --
>>> Thanks
>>> Abimaran Kugathasan
>>> Senior Software Engineer - API Technologies
>>>
>>> Email : abima...@wso2.com
>>> Mobile : +94 773922820
>>>
>>> 
>>> 
>>>   
>>> 
>>>
>>>
>>
>>
>> --
>>
>> --
>> *Joseph Fonseka*
>> WSO2 Inc.; http://wso2.com
>> lean.enterprise.middleware
>>
>> mobile: +94 772 512 430
>> skype: jpfonseka
>>
>> * *
>>
>>
>
>
> --
> Thanks
> Abimaran Kugathasan
> Senior Software Engineer - API Technologies
>
> Email : abima...@wso2.com
> Mobile : +94 773922820
>
> 
> 
>   
> 
>
>


-- 
Nuwan Dias

Software Architect - WSO2, Inc. http://wso2.com
email : nuw...@wso2.com
Phone : +94 777 775 729
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [APIM][CORS] Caching preflight response in API Console

2016-11-18 Thread Abimaran Kugathasan 
Hi Jo/Nuwan,

We have to set the property like below. Shall we have 15 mins as the
default value in code level and let API Developer to override it through
api synapse xml file like below?







On Thu, Nov 3, 2016 at 11:57 AM, Joseph Fonseka  wrote:

> +1 to merge the fix to carry this forward better if we can add this to the
> publisher UI as well.
>
> Thanks
> Jo
>
> On Thu, Nov 3, 2016 at 11:28 AM, Abimaran Kugathasan 
> wrote:
>
>> Hi Dev,
>>
>> CORS specification allows caching the preflight response for a certain
>> number of seconds through Access-Control-Max-Age header [1] .
>>
>> Some browsers have this feature by default which overrides this header if
>> the value specified is greater than their value[2]
>>
>> Firefox - 24 hours
>> Chrome - 10 minutes
>> Chromium - 5 seconds
>>
>> Mathieu(https://github.com/mathieu-pousse) has sent a PR though [3].
>> Please review and provide feedback.
>>
>>
>> [1] : https://www.w3.org/TR/cors/#access-control-max-age-response-header
>> [2] : https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/
>> Access-Control-Max-Age
>> [3] : https://github.com/wso2/carbon-apimgt/pull/3114
>>
>>
>> --
>> Thanks
>> Abimaran Kugathasan
>> Senior Software Engineer - API Technologies
>>
>> Email : abima...@wso2.com
>> Mobile : +94 773922820
>>
>> 
>> 
>>   
>> 
>>
>>
>
>
> --
>
> --
> *Joseph Fonseka*
> WSO2 Inc.; http://wso2.com
> lean.enterprise.middleware
>
> mobile: +94 772 512 430
> skype: jpfonseka
>
> * *
>
>


-- 
Thanks
Abimaran Kugathasan
Senior Software Engineer - API Technologies

Email : abima...@wso2.com
Mobile : +94 773922820


  
  
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [APIM][CORS] Caching preflight response in API Console

2016-11-03 Thread Joseph Fonseka 
+1 to merge the fix to carry this forward better if we can add this to the
publisher UI as well.

Thanks
Jo

On Thu, Nov 3, 2016 at 11:28 AM, Abimaran Kugathasan 
wrote:

> Hi Dev,
>
> CORS specification allows caching the preflight response for a certain
> number of seconds through Access-Control-Max-Age header [1] .
>
> Some browsers have this feature by default which overrides this header if
> the value specified is greater than their value[2]
>
> Firefox - 24 hours
> Chrome - 10 minutes
> Chromium - 5 seconds
>
> Mathieu(https://github.com/mathieu-pousse) has sent a PR though [3].
> Please review and provide feedback.
>
>
> [1] : https://www.w3.org/TR/cors/#access-control-max-age-response-header
> [2] : https://developer.mozilla.org/en-US/docs/Web/HTTP/
> Headers/Access-Control-Max-Age
> [3] : https://github.com/wso2/carbon-apimgt/pull/3114
>
>
> --
> Thanks
> Abimaran Kugathasan
> Senior Software Engineer - API Technologies
>
> Email : abima...@wso2.com
> Mobile : +94 773922820
>
> 
> 
>   
> 
>
>


-- 

-- 
*Joseph Fonseka*
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware

mobile: +94 772 512 430
skype: jpfonseka

* *
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] [APIM][CORS] Caching preflight response in API Console

2016-11-03 Thread Abimaran Kugathasan 
Hi Dev,

CORS specification allows caching the preflight response for a certain
number of seconds through Access-Control-Max-Age header [1] .

Some browsers have this feature by default which overrides this header if
the value specified is greater than their value[2]

Firefox - 24 hours
Chrome - 10 minutes
Chromium - 5 seconds

Mathieu(https://github.com/mathieu-pousse) has sent a PR though [3]. Please
review and provide feedback.


[1] : https://www.w3.org/TR/cors/#access-control-max-age-response-header
[2] :
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age
[3] : https://github.com/wso2/carbon-apimgt/pull/3114


-- 
Thanks
Abimaran Kugathasan
Senior Software Engineer - API Technologies

Email : abima...@wso2.com
Mobile : +94 773922820


  
  
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev