[OPENIDM-9719] CORS headers returned to client with repeated values Created: 20/Nov/17  Updated: 20/Apr/18  Resolved: 20/Apr/18

Status: Closed
Project: OpenIDM
Component/s: Module - Servlet Filters
Affects Version/s: OpenIDM 5.0.0, OpenIDM 5.5.0, OpenIDM 6.0.0
Fix Version/s: OpenIDM 6.0.0

Type: Bug Priority: Major
Reporter: patrick diligent Assignee: patrick diligent
Resolution: Fixed Votes: 0
Labels: release-notes
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Backport
is backported by OPENIDM-9896 5.5.0.1 Backport OPENIDM-9719: CORS h... Closed
Verified Version/s:
Support Ticket IDs:

 Description   

Issue manifesting especially with 5.0, in a docker container. Could never reproduce on a host install (outside of a docker container), or with any environment on 5.5. However, since there seems to be no change in this area, targeting also 5.5 and 6.0. 

 

curl --verbose -X OPTIONS "http://localhost:8080/openidm/selfservice/registration?_action=submitRequirements" -H 'access-control-request-headers: origin,accept,cache-control,content-type,idmversion,x-openidm-password,x-openidm-username' -H 'access-control-request-method: POST' -H 'cache-control: no-cache' -H 'origin: https://localhost:8443' -d '{
"input" : {
 "user" : {
 "userName" : "peter",
 "givenName" : "peter",
 "sn" : "frgk",
 "mail" : "peter@frgk.com",
 "password" : "P@ssw0rd",
 "telephoneNumber" : "0192-0903-009"
 }
 }
}'

 

*   Trying ::1...
* TCP_NODELAY set
* Connected to localhost (::1) port 8080 (#0)
> OPTIONS /openidm/selfservice/registration?_action=submitRequirements HTTP/1.1
> Host: localhost:8080
> User-Agent: curl/7.54.0
> Accept: */*
> access-control-request-headers: origin,accept,cache-control,content-type,idmversion,x-openidm-password,x-openidm-username
> access-control-request-method: POST
> cache-control: no-cache
> origin: https://localhost:8443
> Content-Length: 187
> Content-Type: application/x-www-form-urlencoded
> 
* upload completely sent off: 187 out of 187 bytes
< HTTP/1.1 200 OK
< Date: Mon, 20 Nov 2017 02:49:20 GMT
< Access-Control-Allow-Origin: https://localhost:8443
< Vary: Origin
< Access-Control-Allow-Credentials: true
< Access-Control-Max-Age: 1800
< Access-Control-Allow-Methods: GET,POST,PUT,DELETE,PATCH,GET,POST,PUT,DELETE,PATCH,GET,POST,PUT,DELETE,PATCH,GET,POST,PUT,DELETE,PATCH,GET,POST,PUT,DELETE,PATCH
< Access-Control-Allow-Headers: Content-Type,Cache-Control,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,idmVersion,X-OpenIDM-Username,X-OpenIDM-Password,Content-Type,Cache-Control,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,idmVersion,X-OpenIDM-Username,X-OpenIDM-Password,Content-Type,Cache-Control,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,idmVersion,X-OpenIDM-Username,X-OpenIDM-Password,Content-Type,Cache-Control,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,idmVersion,X-OpenIDM-Username,X-OpenIDM-Password,Content-Type,Cache-Control,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,idmVersion,X-OpenIDM-Username,X-OpenIDM-Password
< Content-Length: 0
< 
* Connection #0 to host localhost left intact

 

servletfilter-cors.json

{
"classPathURLs" : [ ],
"systemProperties" : { },
"requestAttributes" : { },
"scriptExtensions" : { },
"initParams" : {
"allowedOrigins" : "https://localhost:&{openidm.port.https}",
"allowedMethods" : "GET,POST,PUT,DELETE,PATCH",
"allowedHeaders" : "Content-Type,Cache-Control,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,idmVersion,X-OpenIDM-Username,X-OpenIDM-Password",
"allowCredentials" : "true",
"chainPreflight" : "false"
},
"urlPatterns" : [
"/*"
],
"filterClass" : "org.eclipse.jetty.servlets.CrossOriginFilter"
}


 Comments   
Comment by Laurent Bristiel [X] (Inactive) [ 24/Nov/17 ]

checked OK with OpenIDM version "6.0.0-SNAPSHOT" (revision: 60671c1)

Comment by Lana Frost [ 20/Apr/18 ]

Add to Release Notes

Generated at Sun Sep 27 19:17:08 UTC 2020 using Jira 7.13.12#713012-sha1:6e07c38070d5191bbf7353952ed38f111754533a.