java - Getting 403 (Forbidden) when trying to use CORS -


i have spring websocket application want access client.

i using sockjs this.

when connection http://localhost:8080/hello/info attempted open, 403 (forbidden) error.

here cors conf in spring:

@component public class simplecorsfilter implements filter {      public void dofilter(servletrequest req, servletresponse res, filterchain chain) throws ioexception, servletexception {         httpservletresponse response = (httpservletresponse) res;          response.setheader("access-control-allow-origin", "http://localhost:3000");         response.setheader("access-control-allow-credentials", "true");         response.setheader("access-control-max-age", "3600");         response.setheader("access-control-allow-methods", "post, get, options, put, delete, head, patch");         response.setheader("access-control-allow-headers",                         "origin, content-type, accept, cookie, connection, accept-encoding, accept-language, content-length, host, referer, user-agent");          chain.dofilter(req, res);     }      public void init(filterconfig filterconfig) {}      public void destroy() {}  }

if try use socket page spring self server, works without problems. when client uses same angular code have in spring, fails error above.

here comparison of request headers:

working header:

get /hello/info http/1.1 host: localhost:8080 connection: keep-alive cache-control: max-age=0 user-agent: mozilla/5.0 (x11; linux x86_64) applewebkit/537.36 (khtml, gecko) ubuntu chromium/41.0.2272.76 chrome/41.0.2272.76 safari/537.36 accept: */* referer: http://localhost:8080/ accept-encoding: gzip, deflate, sdch accept-language: et-ee,et;q=0.8,en-us;q=0.6,en;q=0.4 cookie: remember_token=q9m8fpja13ssrxjoudwvag; _test1_session=n0wvowv5ctu3vwd2tes0snz2rkvqq0lzn2tkbndzwmlodvl0vvl5efdsr1fvyurkmev0cffsu2rpk2zivtf6zhzldfjnsuy0ukl1nloxd29qqlnftmfbt2zjbva4m1zzuezubdzhswfrtjhidvlta3joze9mbehbrgg5smhmandrwkxnsxq1cxflb3zrtxfllzzgzgp3pt0tlxz3czljlzzxujlor0ewchlrdvvwc2c9pq%3d%3d--c152b026e7859d5e8a5e8f260b66b33a6921f3b7; _harjutus_session=evleeu1nwjc4qjzhm0m4bezqq0ftvep6unfcyvkzuld1bvndmvptk1m2smvjmepqzlbswwq0yuxlcznzegs5cgvjbwmybwxpn0lzkzblrgjsr1jcvnqyn21zwwzlmdjpzu1enhe2vljucvfsdnu1auvnoupcow5cdyt2qst0k2jrchizme56zurlbtbtymltslozcwpyy1flmvlhmlvfwep3wexnuha1azdkwfpby3nxqnjyec90ztjzr0nfa2vpynnrcnp3c0zotvvmudu4n2i4zy92shjmtdludvjytkjtu3e2t0lgufuwceqrretuumtsdgdkwxvrr2lvn3pxmi0ttvb3wfb2m0nurdqvzlfwbm5uwezqut09--5e23d496aa3ecad4f5e7343ba8e326f18304844b

not working header:

get /hello/info http/1.1 host: localhost:8080 connection: keep-alive cache-control: max-age=0 origin: http://localhost:3000 user-agent: mozilla/5.0 (x11; linux x86_64) applewebkit/537.36 (khtml, gecko) ubuntu chromium/41.0.2272.76 chrome/41.0.2272.76 safari/537.36 accept: */* referer: http://localhost:3000/ accept-encoding: gzip, deflate, sdch accept-language: et-ee,et;q=0.8,en-us;q=0.6,en;q=0.4

is problem cookie header?

i did problematic client nothing changed. should not matter both spring application , ruby on rails application have same angular code used connect websocket.

app.config([     '$httpprovider', function($httpprovider) {          $httpprovider.defaults.withcredentials = true;      } ]);

edit: accessing websocket url in browser shows this: {"entropy":-319177751,"origins":["*:*"],"cookie_needed":true,"websocket":true}

can cookie_needed turned off somehow? fail find in spring docs it.

you use websockets, if have newest version of spring didn't specify allowed origins. according documentation, 21.2.6 configuring allowed origins, same origin requests allowed default websockets of spring 4.1.5.


Comments

Post a Comment

Popular posts from this blog

asp.net mvc - SSO between MVCForum and Umbraco7 -

i need integrate sso between mvcforum (forum of company) , umbraco7 (manages cms company). however struggling shared authentication work. tried several ways suggested on other threads still not running expected. here did: 1. in mvcforum (forum.mywebsite.com) 1.1. machine key in web.xml: <machinekey validationkey="the same key umbraco7" decryptionkey="the same key umbraco7" validation="sha1" decryption="aes" /> 1.2. authenticate forms in web.xml <forms name="my-sso-auth" protection="all" path="/" timeout="43200" domain="forum.mywebsite.com" loginurl="/members/logon" enablecrossappredirects="true" /> 2. in umbraco7 (news.mywebsite.com) 2.1. machine key in web.xml: <machinekey validationkey="the same key mvcforum" decryptionkey="the same key mvcforum" validation="sha1" decryption="aes" /> 2.2. a
Read more

Python Tkinter keyboard using bind -

i have problem using bind option can click button in keyboard, , call function once key pressed. tried taking other codes have similar purpose , saw i'm doing pretty same, though still have problem must've missed. thankful if me this. here's code: # -*- coding: utf-8 -*- #imports tkinter import * pil import imagetk, image import time import tkmessagebox #===========================================================================================================================================# #tkinter class class app(frame): def __init__(self, master=none): frame.__init__(self, master) self.pack() #===========================================================================================================================================# #game pieces classes class board: def __init__(self, rows = 7, columns = 6, picture_height = none, picture_width = none): self.rows = rows self.columns = columns self.picture
Read more

ubuntu - Selenium Node Not Connecting to Hub, Not Opening Port -

i'm trying set demo selenium grid. have digital ocean ubuntu 14.02 droplet. (i have 2 , tried set using 2 different machines got nowhere.) i'm trying run hub , node both locally. here input both hub, node, , nmap results. https://gist.github.com/mekhami/d5bbecca5ff0de9d2dc9 so, node starting tcp connection reset , port it's supposed operate on closed. i have had no luck in number of different options , configurations work. but... of course, worked randomly once. don't know why, don't know did, know 1 brief moment, node connected , saw on grid console. tried run test , went down again , i've never seen come up. please let me know more information can provide. update: randomly came online again. don't know happened, might related timeout or time_wait or going on. this because vm/server not have enough entropy available. to resolve problem, install haveged (or other similar things). the instructions of how install haveged on ubu
Read more