Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add a little logic to CORS config processing and significantly update the CORS doc #8212

Merged
merged 1 commit into from
Jan 11, 2024

Conversation

tjquinno
Copy link
Member

@tjquinno tjquinno commented Jan 8, 2024

Description

Resolves #8026

The change in 4.x in how built-in features such as metrics and health are automatically discovered and activated did not revise the CORS doc so the descriptions particularly for how to control the CORS behavior for those features had fallen out of step with how Helidon behaves.

Also, because these services no longer require explicit developer code to add them to an SE web server, we needed to allow CORS to rely on configuration to establish the settings for those services.

This PR contains two important changes:

  1. It adds logic to the CORS Aggregator to allow the user to set up CORS behavior for any endpoint--including the built-in services--using only configuration.

    (The role of the Aggregator in CORS has always been to pull together the CORS set-up from multiple places: explicitly coded CorsSupport instances, config, and MP annotations.)

  2. It significantly updates the CORS-related doc:

    1. The doc now emphasizes the config-only approach and recommend it. This is much simpler, and it is functionally equivalent to the previous way in which developers created one or more CorsSupport instances and included it them in the routing for their services or endpoints.
    2. The doc now (correctly) describes how to control CORS for the built-in services--using config.

Documentation

The PR includes doc updates.

@tjquinno tjquinno self-assigned this Jan 8, 2024
@oracle-contributor-agreement oracle-contributor-agreement bot added the OCA Verified All contributors have signed the Oracle Contributor Agreement. label Jan 8, 2024
Signed-off-by: Tim Quinn <tim.quinn@oracle.com>
@tjquinno tjquinno force-pushed the 4.x-cors-built-in-services branch from b5f215a to 6c3f54d Compare January 11, 2024 16:35
Copy link
Member

@tomas-langer tomas-langer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I cannot really review the docs language, for the rest I am OK

@tjquinno tjquinno merged commit 8dca1dc into helidon-io:main Jan 11, 2024
12 checks passed
@tjquinno tjquinno deleted the 4.x-cors-built-in-services branch January 11, 2024 17:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
OCA Verified All contributors have signed the Oracle Contributor Agreement.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4.x CORS configuration ignored for automatically-discovered Helidon-provided services (health, metrics)
2 participants