Skip to content
/ grails3-cors-interceptor Public

Add Cross-Origin Resource Sharing (CORS) headers for Grails 3 applications.

License

MIT license
10 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

appcela/grails3-cors-interceptor

BranchesTags

Repository files navigation

grails3-cors-interceptor

Add Cross-Origin Resource Sharing (CORS) headers for Grails 3 applications.

Grails 3.2.2+

For Grails 3.2.2+, please use the Grails built-in CORS support, you no longer need this plugin.

Grails 3.0.x - 3.2.1 Only

This plugin will add a new Interceptor (see Grails 3 Interceptor API) to your Grails app that adds CORS headers to all your controllers and actions.

This plugin has only been tested with Grails 3.0., 3.0.15, 3.1.4 and 3.2.0, 3.2.1

  • for Grails 3.1.4+, please use version 1.2.1
  • for Grails 3.0.15+, please use version 0.1.5
  • for Grails 3.0.4 - 3.0.14, please use version 0.1.2

Grails 2.x

For Grails 2.x app, please use the execellent CORS Plugin. In fact, this plugin is based on the Grails 3 servlet filter code provided in the README by that plugin author. The filter code is rewritten as interceptor for this plugin.

Usage

1. Add Plugin Dependency

Add the following dependency to your Grails app,

build.gradle

compile "org.grails.plugins:grails3-cors-interceptor:1.2.1"

2. (Optional) Add HTTP OPTIONS Method URL Mapping

For Grails 3.1.4+, this step is no longer needed. Please skip it.

To support the preflight CORS request with HTTP OPTIONS method, url mappings for OPTIONS method must be added explicitly.

UrlMappings.groovy

"/books"(resources:'book') // mapping to REST resource "book"
"/books/$id?"(controller:'book', method: 'OPTIONS') // explicitly map OPTIONS method to "book" REST controller

3. (Optional) Configuration Settings

application.yml

corsInterceptor:
    includeEnvironments: ['development', 'test']
    excludeEnvironments: ['production']
    allowedOrigins: ['yourhost.com']
    allowedHeaders: ['my-authorization-header', 'origin', 'content-type', 'accept']
  • includeEnvironments - include this plugin only in the environments listed (default to all environments)
  • excludeEnvironments - exclude this plugin from the environments listed (default to null)
  • allowedOrigins - white list for allowed origins (default to all origins without restrictions)
  • allowedHeaders - custom headers to be used in "Access-Control-Allow-Headers" (default to ["origin", "authorization", "accept", "content-type", "x-requested-with"])

Working with Spring Security Core or Spring Security REST Plugins

See the sample app grails3-cors-interceptor-spring-security-rest-sample-app for detailed instructions on how to get grails3-cors-interceptor working with Spring Security Core or Spring Security REST plugin.

About

Add Cross-Origin Resource Sharing (CORS) headers for Grails 3 applications.

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

10 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases 10

v1.2.1 Latest
Oct 28, 2016
+ 9 releases

Packages

No packages published

Contributors 2

  •  
  •  

Languages