Clean up CORS
This commit is contained in:
parent
4ed17457dd
commit
ba896e2553
|
@ -94,12 +94,16 @@
|
|||
<scope>test</scope>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.apache.tomcat</groupId>
|
||||
<artifactId>tomcat-catalina</artifactId>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
|
||||
<!-- UNIT TEST DEPENDENCIES -->
|
||||
<dependency>
|
||||
<groupId>net.sf.json-lib</groupId>
|
||||
<artifactId>json-lib</artifactId>
|
||||
<version>2.4</version>
|
||||
<classifier>jdk15</classifier>
|
||||
<scope>test</scope>
|
||||
<exclusions>
|
||||
|
@ -112,14 +116,12 @@
|
|||
<dependency>
|
||||
<groupId>net.sf.json-lib</groupId>
|
||||
<artifactId>json-lib</artifactId>
|
||||
<version>2.4</version>
|
||||
<classifier>jdk15-sources</classifier>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>directory-naming</groupId>
|
||||
<artifactId>naming-java</artifactId>
|
||||
<version>0.8</version>
|
||||
<scope>test</scope>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -1,13 +1,15 @@
|
|||
package ca.uhn.fhir.rest.server;
|
||||
|
||||
import static org.junit.Assert.*;
|
||||
import static org.junit.Assert.assertEquals;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.util.EnumSet;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
|
||||
import javax.servlet.DispatcherType;
|
||||
|
||||
import org.apache.catalina.filters.CorsFilter;
|
||||
import org.apache.commons.io.IOUtils;
|
||||
import org.apache.http.Header;
|
||||
import org.apache.http.HttpResponse;
|
||||
|
@ -19,7 +21,6 @@ import org.apache.http.entity.StringEntity;
|
|||
import org.apache.http.impl.client.CloseableHttpClient;
|
||||
import org.apache.http.impl.client.HttpClientBuilder;
|
||||
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
|
||||
import org.ebaysf.web.cors.CORSFilter;
|
||||
import org.eclipse.jetty.server.Server;
|
||||
import org.eclipse.jetty.server.handler.ContextHandlerCollection;
|
||||
import org.eclipse.jetty.servlet.FilterHolder;
|
||||
|
@ -51,7 +52,7 @@ public class CorsTest {
|
|||
httpOpt.addHeader("Origin", "null");
|
||||
httpOpt.addHeader("Access-Control-Request-Headers", "accept, x-fhir-starter, content-type");
|
||||
HttpResponse status = ourClient.execute(httpOpt);
|
||||
String responseContent = IOUtils.toString(status.getEntity().getContent());
|
||||
String responseContent = IOUtils.toString(status.getEntity().getContent(), StandardCharsets.UTF_8);
|
||||
IOUtils.closeQuietly(status.getEntity().getContent());
|
||||
ourLog.info("Response was:\n{}", responseContent);
|
||||
assertEquals("GET", status.getFirstHeader(Constants.HEADER_CORS_ALLOW_METHODS).getValue());
|
||||
|
@ -67,7 +68,7 @@ public class CorsTest {
|
|||
httpOpt.addHeader("Origin", "http://www.fhir-starter.com");
|
||||
httpOpt.addHeader("Access-Control-Request-Headers", "accept, x-fhir-starter, content-type");
|
||||
HttpResponse status = ourClient.execute(httpOpt);
|
||||
String responseContent = IOUtils.toString(status.getEntity().getContent());
|
||||
String responseContent = IOUtils.toString(status.getEntity().getContent(), StandardCharsets.UTF_8);
|
||||
IOUtils.closeQuietly(status.getEntity().getContent());
|
||||
ourLog.info("Response was:\n{}", responseContent);
|
||||
assertEquals("POST", status.getFirstHeader(Constants.HEADER_CORS_ALLOW_METHODS).getValue());
|
||||
|
@ -83,7 +84,7 @@ public class CorsTest {
|
|||
Header origin = status.getFirstHeader(Constants.HEADER_CORS_ALLOW_ORIGIN);
|
||||
assertEquals("http://www.fhir-starter.com", origin.getValue());
|
||||
|
||||
String responseContent = IOUtils.toString(status.getEntity().getContent());
|
||||
String responseContent = IOUtils.toString(status.getEntity().getContent(), StandardCharsets.UTF_8);
|
||||
IOUtils.closeQuietly(status.getEntity().getContent());
|
||||
ourLog.info("Response was:\n{}", responseContent);
|
||||
|
||||
|
@ -99,7 +100,7 @@ public class CorsTest {
|
|||
httpOpt.addHeader("Access-Control-Request-Headers", "accept, x-fhir-starter, content-type");
|
||||
httpOpt.setEntity(new StringEntity(ourCtx.newXmlParser().encodeResourceToString(new Patient())));
|
||||
HttpResponse status = ourClient.execute(httpOpt);
|
||||
String responseContent = IOUtils.toString(status.getEntity().getContent());
|
||||
String responseContent = IOUtils.toString(status.getEntity().getContent(), StandardCharsets.UTF_8);
|
||||
IOUtils.closeQuietly(status.getEntity().getContent());
|
||||
ourLog.info("Response: {}", status);
|
||||
ourLog.info("Response was:\n{}", responseContent);
|
||||
|
@ -129,7 +130,7 @@ public class CorsTest {
|
|||
ServletHolder servletHolder = new ServletHolder(restServer);
|
||||
|
||||
FilterHolder fh = new FilterHolder();
|
||||
fh.setHeldClass(CORSFilter_.class);
|
||||
fh.setHeldClass(CorsFilter.class);
|
||||
fh.setInitParameter("cors.logging.enabled", "true");
|
||||
fh.setInitParameter("cors.allowed.origins", "*");
|
||||
fh.setInitParameter("cors.allowed.headers", "x-fhir-starter,Origin,Accept,X-Requested-With,Content-Type,Access-Control-Request-Method,Access-Control-Request-Headers");
|
|
@ -25,9 +25,13 @@ import org.eclipse.jetty.servlet.ServletHandler;
|
|||
import org.eclipse.jetty.servlet.ServletHolder;
|
||||
import org.hl7.fhir.dstu3.model.DateType;
|
||||
import org.hl7.fhir.dstu3.model.IdType;
|
||||
import org.hl7.fhir.dstu3.model.OperationOutcome;
|
||||
import org.hl7.fhir.dstu3.model.OperationOutcome.OperationOutcomeIssueComponent;
|
||||
import org.hl7.fhir.dstu3.model.Patient;
|
||||
import org.hl7.fhir.instance.model.api.IBaseOperationOutcome;
|
||||
import org.hl7.fhir.instance.model.api.IBaseResource;
|
||||
import org.junit.AfterClass;
|
||||
import org.junit.Before;
|
||||
import org.junit.BeforeClass;
|
||||
import org.junit.Test;
|
||||
|
||||
|
@ -45,6 +49,12 @@ public class CreateDstu3Test {
|
|||
private static final org.slf4j.Logger ourLog = org.slf4j.LoggerFactory.getLogger(CreateDstu3Test.class);
|
||||
private static int ourPort;
|
||||
private static Server ourServer;
|
||||
public static IBaseOperationOutcome ourReturnOo;
|
||||
|
||||
@Before
|
||||
public void before() {
|
||||
ourReturnOo = null;
|
||||
}
|
||||
|
||||
/**
|
||||
* #472
|
||||
|
@ -69,6 +79,24 @@ public class CreateDstu3Test {
|
|||
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testCreateReturnsOperationOutcome() throws Exception {
|
||||
ourReturnOo = new OperationOutcome().addIssue(new OperationOutcomeIssueComponent().setDiagnostics("DIAG"));
|
||||
|
||||
HttpPost httpPost = new HttpPost("http://localhost:" + ourPort + "/Patient");
|
||||
httpPost.setEntity(new StringEntity("{\"resourceType\":\"Patient\", \"status\":\"active\"}", ContentType.parse("application/fhir+json; charset=utf-8")));
|
||||
HttpResponse status = ourClient.execute(httpPost);
|
||||
|
||||
String responseContent = IOUtils.toString(status.getEntity().getContent(), StandardCharsets.UTF_8);
|
||||
IOUtils.closeQuietly(status.getEntity().getContent());
|
||||
|
||||
ourLog.info("Response was:\n{}", responseContent);
|
||||
|
||||
assertEquals(201, status.getStatusLine().getStatusCode());
|
||||
|
||||
assertThat(responseContent, containsString("DIAG"));
|
||||
}
|
||||
|
||||
/**
|
||||
* #342
|
||||
*/
|
||||
|
@ -209,7 +237,7 @@ public class CreateDstu3Test {
|
|||
|
||||
@Create()
|
||||
public MethodOutcome create(@ResourceParam Patient theIdParam) {
|
||||
return new MethodOutcome(new IdType("Patient", "1"), true);
|
||||
return new MethodOutcome(new IdType("Patient", "1"), true).setOperationOutcome(ourReturnOo);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
|
||||
<properties>
|
||||
<title>CORS</title>
|
||||
<author email="jamesagnew@users.sourceforge.net">James Agnew</author>
|
||||
<author email="jamesagnew@gmail.com">James Agnew</author>
|
||||
</properties>
|
||||
|
||||
<body>
|
||||
|
@ -17,32 +17,36 @@
|
|||
</p>
|
||||
|
||||
<p>
|
||||
The recommended filter for this purpose is the
|
||||
eBay Open Sourced
|
||||
<a href="https://github.com/ebay/cors-filter">CORS Filter</a> (Licensed under
|
||||
the Apache Software License 2.0).
|
||||
Note that in previous revisions of this document we recommended using the
|
||||
<a href="https://github.com/ebay/cors-filter">eBay CORS Filter</a>, but
|
||||
as of 2016 the eBay filter is no longer being maintained and contains known bugs.
|
||||
We now recommend against using this filter.
|
||||
</p>
|
||||
|
||||
<p>
|
||||
To add CORS support using this library, there are two simple steps:
|
||||
The following examples show how to use the Apache Tomcat CorsFilter to enable
|
||||
CORS support. The instructions below should work even on platforms other than
|
||||
Tomcat (in other words, you can deploy the Tomcat CorsFilter to Jetty or JBoss if you like)
|
||||
but if you run into conflicts it may be worth investigating if there is a dedicated
|
||||
CORS filter for the platform you are using.
|
||||
</p>
|
||||
|
||||
<subsection name="Include cors-filter JAR">
|
||||
<subsection name="Add the Dependency">
|
||||
|
||||
<p>
|
||||
In your server WAR file, you must include the <b>cors-filter-X.X.X.JAR</b>
|
||||
dependency. This dependency is included in the HAPI distribution.
|
||||
If you are deploying to a platform other than Tomcat, add the
|
||||
following dependency to your Maven POM. If you are deploying
|
||||
to Tomcat, the required classes are present on the classpath
|
||||
so youdo not need to do this step.
|
||||
</p>
|
||||
|
||||
<p>
|
||||
If you are using Maven, you will need to
|
||||
explicitly include it in your project pom.xml using the following dependency:
|
||||
Add the following dependency to your POM:
|
||||
</p>
|
||||
<source><![CDATA[<dependency>
|
||||
<groupId>org.ebaysf.web</groupId>
|
||||
<artifactId>cors-filter</artifactId>
|
||||
<version>1.0.1</version>
|
||||
<optional>true</optional>
|
||||
<groupId>org.apache.tomcat</groupId>
|
||||
<artifactId>tomcat-catalina</artifactId>
|
||||
<version>${tomcat_version}</version>
|
||||
</dependency>]]></source>
|
||||
|
||||
</subsection>
|
||||
|
@ -57,7 +61,7 @@
|
|||
|
||||
<source><![CDATA[<filter>
|
||||
<filter-name>CORS Filter</filter-name>
|
||||
<filter-class>org.ebaysf.web.cors.CORSFilter</filter-class>
|
||||
<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
|
||||
<init-param>
|
||||
<description>A comma separated list of allowed origins. Note: An '*' cannot be used for an allowed origin when using credentials.</description>
|
||||
<param-name>cors.allowed.origins</param-name>
|
Loading…
Reference in New Issue