Support CORS request filtering #2163

otsakir · 2017-05-19T10:28:53Z

Currently no CORS related headers are returned in REST API responses preventing use of the API from UI clients on a different domain (RVD-ui).

Exceptions to CORS restrictions can be applied using a filter.

More fine grained control on which origins will be accepted will be added in a separate issue.

refers #2163

otsakir added REST API Security / Access Control / IDS/IPS labels May 19, 2017

otsakir added a commit that referenced this issue May 31, 2017

Added allow-all CORS filter

19ca966

refers #2163

otsakir added this to the RVD Milestone 4 milestone May 31, 2017

otsakir self-assigned this May 31, 2017

otsakir modified the milestones: Orestis Sprint 5, Orestis Milestone 4 Jun 13, 2017

otsakir changed the title ~~Support configurable/dynamic CORS request filtering~~ Support CORS request filtering Jun 13, 2017

otsakir modified the milestones: Orestis Milestone 4, Orestis Sprint 5 Jun 13, 2017

otsakir closed this as completed Jun 13, 2017

otsakir added a commit that referenced this issue Jun 16, 2017

Added allow-all CORS filter

a58dd00

refers #2163

gvagenas pushed a commit that referenced this issue Jan 13, 2022

Added allow-all CORS filter

b009ff4

refers #2163

Provide feedback