« "Walk the Path--How... | Main | WebSphere, Mainframe... »

Quarkus, CORS and Missing HTTP Headers

A JAX-RS endpoint: 


import java.net.URI;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;

@Path("/hello")
public class HelloResource {

    @POST
    @Produces(MediaType.TEXT_PLAIN)
        public Response post(String content) {
        var uri = URI.create("/id" + System.currentTimeMillis());
        return Response.created(uri).build();
    }    
}

with activated CORS in application.properties: 


quarkus.http.cors=true

...and accessed with browser's fetch from a different domain / port: 


const sendPost = async  _ => { 
    const response = await fetch("http://localhost:8080/hello", {
        method: 'POST',
        body:'hello from js'
    });
    const headerContent = response.headers.get('Location');
    console.log('Location header',headerContent);
}

sendPost();

won't reveal the headers: Location header null.

To access the headers from JavaScript, you will have to list them in Quarkus' configuration: 


quarkus.http.cors.exposed-headers=Location

Since curl is not a browser, the following command: curl -i -XPOST -d'hello' localhost:8080/hello always returns all headers: 


HTTP/1.1 201 Created
Content-Length: 0
Location: http://localhost:8080/id1595909973814

Looks like a bug, but it is actually a feature.

Comments:

Post a Comment:
  • HTML Syntax: NOT allowed
Number of posts: 2418
Number of comments: 6163
Yesterday's hits: 17728
Today's hits: 583
Post reads / hour: 606
Top posts:

about.adam-bien.com
blog archives
App Icon Apple Podcasts
...the last 150 posts
...the last 10 comments
License
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 2.0 License.