Sebastian Germesin created STANBOL-616:
------------------------------------------
Summary: Wrong CORS Response
Key: STANBOL-616
URL: https://issues.apache.org/jira/browse/STANBOL-616
Project: Stanbol
Issue Type: Bug
Components: Entity Hub
Affects Versions: 0.9.0-incubating, 0.10.0-incubating
Reporter: Sebastian Germesin
I just had a look at the CORS support in Stanbol and I have a question to that.
In the CORS specification [1], I read that in a CORS request with a preflight
the client sets the request header:
Access-Control-Request-Headers: .... (let's say: origin, content-type, accept)
Access-Control-Request-Method: .... (let's say: POST)
and the server (in this case Stanbol) answers with:
Access-Control-Allow-Headers: ... (let's say: origin, content-type, accept)
Access-Control-Allow-Origin: ... (let's say: *)
Access-Control-Allow-Method: (let's say: GET, POST, OPTIONS)
However, when I perform a query to the Entityhub, e.g.,
http://dev.iks-project.eu:8081/entityhub/entity/
Stanbol answers correctly with
Access-Control-Allow-Headers: origin, content-type, accept
Access-Control-Allow-Origin: *
BUT:
Access-Control-Request-Method: GET, POST, OPTIONS
instead of
Access-Control-Allow-Method: GET, POST, OPTIONS
Gladly, for the GET and POST requests that somehow works anyways, but for a PUT
and DELETE request
that fails again.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
