const classafBedSheet::CrossOriginResourceSharingFilter

sys::Obj
  afBedSheet::CrossOriginResourceSharingFilter

Cross Origin Resource Sharing (CORS) is a strategy for browsers to overcome the limitations of cross domain scripting. The handshake is done via http headers:

  1. The browser sets CORS specific http headers in the request
  2. The server inspects the headers and sets its own http headers in the response
  3. The browser asserts the resonse headers

On the browser side, most of the header setting and checking is done automatically by XMLHttpRequest. On the server side, contribute the following routes to the paths that will service the ajax requests:

simpleRoute    := Route(`<simple-path>`,    CrossOriginResourceSharingFilter#serviceSimple,    "GET POST")
preflightRoute := Route(`<preflight-path>`, CrossOriginResourceSharingFilter#servicePrefilght, "OPTIONS")

conf.add("corsSimple", 	  simpleRoute,    ["before: routes"])
conf.add("corsPreflight", preflightRoute, ["before: routes"])

And set the following config values:

@see Read the following for specifics:

servicePrefilght

Source

Bool servicePrefilght(Uri uri := ``)

Map to an OPTIONS http method

serviceSimple

Source

Bool serviceSimple(Uri uri := ``)

Map to... TODO: more docs