grails-cors icon indicating copy to clipboard operation
grails-cors copied to clipboard

Published 20 hours ago verified publisher icon davidtinker

Problem with external properties in production mode

Open JcrGit opened this issue 10 years ago • 6 comments
trafficstars

Hi,

We use grails cors plugin in our project and we have seen a strange issue :

When I wrote in config.groovy : cors.url.pattern = '/beer/_' cors.allow.origin.regex='._mon.domaine.autorise([/].*)?

And started application (in dev mode and prod mode), I have tested theses cases :

curl -H "Origin: http://mon.domaine.autorise/authenticationFom/" --verbose http://sf713606.societe.mma.fr:8084/applicationBlanche/immortalCats => No headers in response

curl -H "Origin: http://mon.domaine.autorise/authenticationFom/" --verbose http://sf713606.societe.mma.fr:8084/applicationBlanche/beer/show/1 => headers in response : Access-Control-Allow-Origin: http://mon.domaine.autorise/authenticationFom/ Access-Control-Allow-Origin: true

curl -H "Origin: http://mon.domaine.non.autorise/authenticationFom/" --verbose http://sf713606.societe.mma.fr:8084/applicationBlanche/beer/show/1 => No headers in response

==> All is good.

But we need to externalise params in config.properties; we wrote this in config.properties and suppressed it from config.groovy : cors.url.pattern = '/beer/_' cors.allow.origin.regex='._mon.domaine.autorise([/].*)?

When the application starts in prod mode we have these results :

curl -H "Origin: http://mon.domaine.autorise/authenticationFom/" --verbose http://sf713606.societe.mma.fr:8084/applicationBlanche/immortalCats => headers in response : Access-Control-Allow-Origin: http://mon.domaine.autorise/authenticationFom/ Access-Control-Allow-Origin: true

curl -H "Origin: http://mon.domaine.autorise/authenticationFom/" --verbose http://sf713606.societe.mma.fr:8084/applicationBlanche/beer/show/1 => headers in response : Access-Control-Allow-Origin: http://mon.domaine.autorise/authenticationFom/ Access-Control-Allow-Origin: true

curl -H "Origin: http://mon.domaine.non.autorise/authenticationFom/" --verbose http://sf713606.societe.mma.fr:8084/applicationBlanche/beer/show/1 => headers in response : Access-Control-Allow-Origin: http://mon.domaine.non.autorise/authenticationFom/ Access-Control-Allow-Origin: true

==> It's like the plugin don't see the params and make a default comportment. Could you test it ?

PS : We use grails 2.2 and grails cors plugin 1.1.6 and standards grails mechanincs for properties.

JcrGit avatar Nov 27 '14 10:11 JcrGit

Hmm. I will have a look. I haven't ever used an external properties file for a Grails app, only external .groovy files.

On Thu, Nov 27, 2014 at 12:43 PM, JcrGit [email protected] wrote:

Hi,

We use grails cors plugin in our project and we have seen a strange issue :

When I wrote in config.groovy : cors.url.pattern = '/beer/ _' cors.allow.origin.regex='._mon.domaine.autorise([/].*)?

And started application (in dev mode and prod mode), I have tested theses cases :

curl -H "Origin: http://mon.domaine.autorise/authenticationFom/" --verbose http://sf713606.societe.mma.fr:8084/applicationBlanche/immortalCats => No headers in response

curl -H "Origin: http://mon.domaine.autorise/authenticationFom/" --verbose http://sf713606.societe.mma.fr:8084/applicationBlanche/beer/show/1 => headers in response : Access-Control-Allow-Origin: http://mon.domaine.autorise/authenticationFom/ Access-Control-Allow-Origin: true

curl -H "Origin: http://mon.domaine.non.autorise/authenticationFom/" --verbose http://sf713606.societe.mma.fr:8084/applicationBlanche/beer/show/1 => No headers in response

==> All is good.

But we need to externalise params in config.properties; we wrote this in config.properties and suppressed it from config.groovy : cors.url.pattern = '/beer/ _' cors.allow.origin.regex='._mon.domaine.autorise([/].*)?

When the application starts in prod mode we have these results :

curl -H "Origin: http://mon.domaine.autorise/authenticationFom/" --verbose http://sf713606.societe.mma.fr:8084/applicationBlanche/immortalCats => headers in response : Access-Control-Allow-Origin: http://mon.domaine.autorise/authenticationFom/ Access-Control-Allow-Origin: true

curl -H "Origin: http://mon.domaine.autorise/authenticationFom/" --verbose http://sf713606.societe.mma.fr:8084/applicationBlanche/beer/show/1 => headers in response : Access-Control-Allow-Origin: http://mon.domaine.autorise/authenticationFom/ Access-Control-Allow-Origin: true

curl -H "Origin: http://mon.domaine.non.autorise/authenticationFom/" --verbose http://sf713606.societe.mma.fr:8084/applicationBlanche/beer/show/1 => headers in response : Access-Control-Allow-Origin: http://mon.domaine.non.autorise/authenticationFom/ Access-Control-Allow-Origin: true

==> It's like the plugin don't see the params and make a default comportment. Could you test it ?

PS : We use grails 2.2 and grails cors plugin 1.1.6 and standards grails mechanincs for properties.

— Reply to this email directly or view it on GitHub https://github.com/davidtinker/grails-cors/issues/31.

http://qdb.io/ Persistent Message Queues With Replay and #RabbitMQ Integration

davidtinker avatar Nov 27 '14 11:11 davidtinker

Thx ;)

JcrGit avatar Nov 27 '14 13:11 JcrGit

Hi David, have you looked at this problem ?

Thx.

JcrGit avatar Jan 13 '15 10:01 JcrGit

Up

JcrGit avatar Jan 28 '15 10:01 JcrGit

Up

JcrGit avatar Mar 27 '15 13:03 JcrGit

Added pull request https://github.com/davidtinker/grails-cors/pull/35

ctoestreich avatar May 14 '15 19:05 ctoestreich