Uploaded image for project: 'OpenIDM'
  1. OpenIDM
  2. OPENIDM-9719

CORS headers returned to client with repeated values

    Details

      Description

      Issue manifesting especially with 5.0, in a docker container. Could never reproduce on a host install (outside of a docker container), or with any environment on 5.5. However, since there seems to be no change in this area, targeting also 5.5 and 6.0. 

       

      curl --verbose -X OPTIONS "http://localhost:8080/openidm/selfservice/registration?_action=submitRequirements" -H 'access-control-request-headers: origin,accept,cache-control,content-type,idmversion,x-openidm-password,x-openidm-username' -H 'access-control-request-method: POST' -H 'cache-control: no-cache' -H 'origin: https://localhost:8443' -d '{
      "input" : {
       "user" : {
       "userName" : "peter",
       "givenName" : "peter",
       "sn" : "frgk",
       "mail" : "peter@frgk.com",
       "password" : "P@ssw0rd",
       "telephoneNumber" : "0192-0903-009"
       }
       }
      }'
      
      

       

      *   Trying ::1...
      * TCP_NODELAY set
      * Connected to localhost (::1) port 8080 (#0)
      > OPTIONS /openidm/selfservice/registration?_action=submitRequirements HTTP/1.1
      > Host: localhost:8080
      > User-Agent: curl/7.54.0
      > Accept: */*
      > access-control-request-headers: origin,accept,cache-control,content-type,idmversion,x-openidm-password,x-openidm-username
      > access-control-request-method: POST
      > cache-control: no-cache
      > origin: https://localhost:8443
      > Content-Length: 187
      > Content-Type: application/x-www-form-urlencoded
      > 
      * upload completely sent off: 187 out of 187 bytes
      < HTTP/1.1 200 OK
      < Date: Mon, 20 Nov 2017 02:49:20 GMT
      < Access-Control-Allow-Origin: https://localhost:8443
      < Vary: Origin
      < Access-Control-Allow-Credentials: true
      < Access-Control-Max-Age: 1800
      < Access-Control-Allow-Methods: GET,POST,PUT,DELETE,PATCH,GET,POST,PUT,DELETE,PATCH,GET,POST,PUT,DELETE,PATCH,GET,POST,PUT,DELETE,PATCH,GET,POST,PUT,DELETE,PATCH
      < Access-Control-Allow-Headers: Content-Type,Cache-Control,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,idmVersion,X-OpenIDM-Username,X-OpenIDM-Password,Content-Type,Cache-Control,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,idmVersion,X-OpenIDM-Username,X-OpenIDM-Password,Content-Type,Cache-Control,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,idmVersion,X-OpenIDM-Username,X-OpenIDM-Password,Content-Type,Cache-Control,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,idmVersion,X-OpenIDM-Username,X-OpenIDM-Password,Content-Type,Cache-Control,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,idmVersion,X-OpenIDM-Username,X-OpenIDM-Password
      < Content-Length: 0
      < 
      * Connection #0 to host localhost left intact
      
      

       

      servletfilter-cors.json

      {
      "classPathURLs" : [ ],
      "systemProperties" : { },
      "requestAttributes" : { },
      "scriptExtensions" : { },
      "initParams" : {
      "allowedOrigins" : "https://localhost:&{openidm.port.https}",
      "allowedMethods" : "GET,POST,PUT,DELETE,PATCH",
      "allowedHeaders" : "Content-Type,Cache-Control,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,idmVersion,X-OpenIDM-Username,X-OpenIDM-Password",
      "allowCredentials" : "true",
      "chainPreflight" : "false"
      },
      "urlPatterns" : [
      "/*"
      ],
      "filterClass" : "org.eclipse.jetty.servlets.CrossOriginFilter"
      }

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                patrickdiligent patrick diligent
                Reporter:
                patrickdiligent patrick diligent
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: