Details
-
Type:
extRequest
-
Status: Closed
-
Priority:
Blocker
-
Resolution: Done
-
Fix Version/s: 2021
-
Component/s: FIWARE-TECH-HELP
-
Labels:
-
HD-Chapter:Security
-
HD-Enabler:KeyRock
Description
It seems that the POI client cannot ask the KeyRock server about user, e.g. the name, making it difficult to show the name or other information of the logged-in user as customary. This seems to be due to missing CORS (cross-origin resource sharing) support in the /user resource.
More information: https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS
Code snippet from the CORS support of the POI server for reference (PHP):
... if ($_SERVER['REQUEST_METHOD'] == 'GET' ) { /* Prepare here response data to $response_struct */ ... $return_val = json_encode($response_struct); header("Content-type: application/json"); // CORS header header("Access-Control-Allow-Origin: *"); echo $return_val; } else if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') { // Reply with headers allowing CORS header("Access-Control-Allow-Origin: *"); if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD'])) header("Access-Control-Allow-Methods: GET, OPTIONS"); if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS'])) header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}"); exit(0); } ...
Activity
- All
- Comments
- History
- Activity
- Transitions