Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

return expose-headers from POST as well as preflight

  • Loading branch information...
commit 979715a4d3f4e6bd2803e418e7bb16193031f692 1 parent 11d8e62
authored October 09, 2012
52  cors/preflight.http
... ...
@@ -0,0 +1,52 @@
  1
+OPTIONS /games HTTP/1.1
  2
+Host: monty-hall.cloudfoundry.com
  3
+User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.7; en-US; rv:1.9.2.10) Gecko/20100914 Firefox/3.6.10
  4
+Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
  5
+Accept-Language: en-us,en;q=0.5
  6
+Accept-Encoding: gzip,deflate
  7
+Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
  8
+Keep-Alive: 115
  9
+Connection: keep-alive
  10
+Origin: null
  11
+Access-Control-Request-Method: POST
  12
+Access-Control-Request-Headers: x-test-1349811727014
  13
+
  14
+->
  15
+HTTP/1.1 200 OK
  16
+Server: nginx
  17
+Date: Tue, 09 Oct 2012 19:42:07 GMT
  18
+Connection: keep-alive
  19
+Keep-Alive: timeout=20
  20
+Access-Control-Allow-Origin: *
  21
+Access-Control-Allow-Methods: GET, PUT, POST
  22
+Access-Control-Allow-Headers: x-test-1349811727014
  23
+Access-Control-Max-Age: 300
  24
+Access-Control-Expose-Headers: Location, ETag
  25
+Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS
  26
+Content-Length: 0
  27
+
  28
+POST /games HTTP/1.1
  29
+Host: monty-hall.cloudfoundry.com
  30
+User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.7; en-US; rv:1.9.2.10) Gecko/20100914 Firefox/3.6.10
  31
+Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
  32
+Accept-Language: en-us,en;q=0.5
  33
+Accept-Encoding: gzip,deflate
  34
+Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
  35
+Keep-Alive: 115
  36
+Connection: keep-alive
  37
+X-Test-1349811727014: 1349811727014
  38
+Origin: null
  39
+Pragma: no-cache
  40
+Cache-Control: no-cache
  41
+Content-Length: 0
  42
+
  43
+->
  44
+HTTP/1.1 201 Created
  45
+Server: nginx
  46
+Access-Control-Expose-Headers: Location, ETag
  47
+Date: Tue, 09 Oct 2012 19:42:07 GMT
  48
+Keep-Alive: timeout=20
  49
+Location: http://monty-hall.cloudfoundry.com/games/6377614539704418927
  50
+Access-Control-Allow-Origin: *
  51
+Connection: keep-alive
  52
+Content-Length: 0
3  src/main/java/org/springsource/samples/montyhall/web/CorsInterceptor.java
@@ -25,6 +25,7 @@ public void postHandle(HttpServletRequest request, HttpServletResponse response,
25 25
 	                       ModelAndView modelAndView) {
26 26
 		// Our REST API is accessible from anywhere
27 27
 		response.setHeader(ACCESS_CONTROL_ALLOW_ORIGIN, "*");
  28
+		response.setHeader(ACCESS_CONTROL_EXPOSE_HEADERS, EXPOSED_HEADERS);
28 29
 	}
29 30
 
30 31
 	@Override
@@ -39,7 +40,7 @@ public boolean preHandle(HttpServletRequest request, HttpServletResponse respons
39 40
 		if (hasValue(origin) && hasValue(acRequestMethod)) {
40 41
 			// this is a preflight check
41 42
 			// our API only needs this for PUT requests, anything we can PUT we can also GET
42  
-			response.setHeader(ACCESS_CONTROL_ALLOW_ORIGIN,origin);
  43
+			response.setHeader(ACCESS_CONTROL_ALLOW_ORIGIN,"*");
43 44
 			response.addHeader(ACCESS_CONTROL_ALLOW_METHODS, ALLOWED_METHODS);
44 45
 			response.setHeader(ACCESS_CONTROL_ALLOW_HEADERS,acRequestHeaders);
45 46
 			response.setHeader(ACCESS_CONTROL_MAX_AGE,CACHE_SECONDS);

0 notes on commit 979715a

Please sign in to comment.
Something went wrong with that request. Please try again.