Fix up CORS support

2014-08-08 17:40:43 -04:00 · 2014-08-08 17:40:43 -04:00 · 2ede952342
parent 8149df964e
commit 2ede952342
5 changed files with 29 additions and 3 deletions
--- a/hapi-fhir-base/src/site/xdoc/doc_cors.xml
+++ b/hapi-fhir-base/src/site/xdoc/doc_cors.xml
@ -76,7 +76,7 @@
 	<init-param>
 		<description>A comma separated list non-standard response headers that will be exposed to XHR2 object.</description>
 		<param-name>cors.exposed.headers</param-name>
-		<param-value></param-value>
+		<param-value>Location,Content-Location</param-value>
 	</init-param>
 	<init-param>
 		<description>A flag that suggests if CORS is supported with cookies</description>
--- a/hapi-fhir-base/src/test/java/ca/uhn/fhir/rest/server/CorsTest.java
+++ b/hapi-fhir-base/src/test/java/ca/uhn/fhir/rest/server/CorsTest.java
@ -12,6 +12,8 @@ import org.apache.http.Header;
 import org.apache.http.HttpResponse;
 import org.apache.http.client.methods.HttpGet;
 import org.apache.http.client.methods.HttpOptions;
+import org.apache.http.client.methods.HttpPost;
+import org.apache.http.entity.StringEntity;
 import org.apache.http.impl.client.CloseableHttpClient;
 import org.apache.http.impl.client.HttpClientBuilder;
 import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
@ -26,6 +28,7 @@ import org.junit.Test;

 import ca.uhn.fhir.context.FhirContext;
 import ca.uhn.fhir.model.api.Bundle;
+import ca.uhn.fhir.model.dstu.resource.Patient;
 import ca.uhn.fhir.rest.server.ResfulServerSelfReferenceTest.DummyPatientResourceProvider;
 import ca.uhn.fhir.testutil.RandomServerPortProvider;

@ -54,6 +57,7 @@ public class CorsTest {
 		fh.setInitParameter("cors.logging.enabled", "true");
 		fh.setInitParameter("cors.allowed.origins", "*");
 		fh.setInitParameter("cors.allowed.headers", "x-fhir-starter,Origin,Accept,X-Requested-With,Content-Type,Access-Control-Request-Method,Access-Control-Request-Headers");
+		fh.setInitParameter("cors.exposed.headers", "Location,Content-Location");
 		fh.setInitParameter("cors.allowed.methods", "GET,POST,PUT,DELETE,OPTIONS");

 		ServletContextHandler ch = new ServletContextHandler();
@ -100,6 +104,20 @@ public class CorsTest {

 				assertEquals(1, bundle.getEntries().size());
 			}
+			{
+				HttpPost httpOpt = new HttpPost(baseUri + "/Patient");
+				httpOpt.addHeader("Access-Control-Request-Method", "POST");
+				httpOpt.addHeader("Origin", "http://www.fhir-starter.com");
+				httpOpt.addHeader("Access-Control-Request-Headers", "accept, x-fhir-starter, content-type");
+				httpOpt.setEntity(new StringEntity(ourCtx.newXmlParser().encodeResourceToString(new Patient())));
+				HttpResponse status = ourClient.execute(httpOpt);
+				String responseContent = IOUtils.toString(status.getEntity().getContent());
+				IOUtils.closeQuietly(status.getEntity().getContent());
+				ourLog.info("Response: {}", status);
+				ourLog.info("Response was:\n{}", responseContent);
+				assertEquals("POST", status.getFirstHeader(Constants.HEADER_CORS_ALLOW_METHODS).getValue());
+				assertEquals("http://www.fhir-starter.com", status.getFirstHeader(Constants.HEADER_CORS_ALLOW_ORIGIN).getValue());
+			}
 		} finally {
 			server.stop();
 		}
--- a/hapi-fhir-base/src/test/java/ca/uhn/fhir/rest/server/ResfulServerSelfReferenceTest.java
+++ b/hapi-fhir-base/src/test/java/ca/uhn/fhir/rest/server/ResfulServerSelfReferenceTest.java
@ -28,10 +28,13 @@ import ca.uhn.fhir.model.dstu.resource.Patient;
 import ca.uhn.fhir.model.dstu.valueset.IdentifierUseEnum;
 import ca.uhn.fhir.model.primitive.IdDt;
 import ca.uhn.fhir.model.primitive.UriDt;
+import ca.uhn.fhir.rest.annotation.Create;
 import ca.uhn.fhir.rest.annotation.IdParam;
 import ca.uhn.fhir.rest.annotation.Read;
 import ca.uhn.fhir.rest.annotation.RequiredParam;
+import ca.uhn.fhir.rest.annotation.ResourceParam;
 import ca.uhn.fhir.rest.annotation.Search;
+import ca.uhn.fhir.rest.api.MethodOutcome;
 import ca.uhn.fhir.rest.server.provider.ServerProfileProvider;
 import ca.uhn.fhir.testutil.RandomServerPortProvider;

@ -174,6 +177,11 @@ public class ResfulServerSelfReferenceTest {
 			return idToPatient;
 		}

+		@Create
+		public MethodOutcome create(@ResourceParam Patient thePatient) {
+			return new MethodOutcome(thePatient.getId());
+		}
+		
 		@Search()
 		public Patient getPatient(@RequiredParam(name = Patient.SP_IDENTIFIER) IdentifierDt theIdentifier) {
 			for (Patient next : getIdToPatient().values()) {
--- a/hapi-fhir-jpaserver-uhnfhirtest/src/main/webapp/WEB-INF/web.xml
+++ b/hapi-fhir-jpaserver-uhnfhirtest/src/main/webapp/WEB-INF/web.xml
@ -76,7 +76,7 @@
 		<init-param>
 			<description>A comma separated list non-standard response headers that will be exposed to XHR2 object.</description>
 			<param-name>cors.exposed.headers</param-name>
-			<param-value></param-value>
+			<param-value>Location,Content-Location</param-value>
 		</init-param>
 		<init-param>
 			<description>A flag that suggests if CORS is supported with cookies</description>
--- a/restful-server-example/src/main/webapp/WEB-INF/web.xml
+++ b/restful-server-example/src/main/webapp/WEB-INF/web.xml
@ -51,7 +51,7 @@
 		<init-param>
 			<description>A comma separated list non-standard response headers that will be exposed to XHR2 object.</description>
 			<param-name>cors.exposed.headers</param-name>
-			<param-value></param-value>
+			<param-value>Location,Content-Location</param-value>
 		</init-param>
 		<init-param>
 			<description>A flag that suggests if CORS is supported with cookies</description>