From 867de9de50953c0f1988536231ae3e53f97c7fd8 Mon Sep 17 00:00:00 2001 From: stianst Date: Mon, 11 Dec 2017 12:42:11 +0100 Subject: [PATCH] KEYCLOAK-6010 Add CORS headers to keycloak.js --- .../org/keycloak/services/resources/JsResource.java | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/services/src/main/java/org/keycloak/services/resources/JsResource.java b/services/src/main/java/org/keycloak/services/resources/JsResource.java index 404d3e4ce9..bec3d20d06 100755 --- a/services/src/main/java/org/keycloak/services/resources/JsResource.java +++ b/services/src/main/java/org/keycloak/services/resources/JsResource.java @@ -17,6 +17,7 @@ package org.keycloak.services.resources; +import org.jboss.resteasy.spi.HttpRequest; import org.keycloak.common.Version; import org.keycloak.services.util.CacheControlUtil; import org.keycloak.utils.MediaType; @@ -27,6 +28,7 @@ import javax.ws.rs.PathParam; import javax.ws.rs.Produces; import javax.ws.rs.QueryParam; import javax.ws.rs.core.CacheControl; +import javax.ws.rs.core.Context; import javax.ws.rs.core.Response; import java.io.InputStream; @@ -38,6 +40,9 @@ import java.io.InputStream; @Path("/js") public class JsResource { + @Context + private HttpRequest request; + /** * Get keycloak.js file for javascript clients * @@ -115,11 +120,13 @@ public class JsResource { cacheControl = CacheControlUtil.noCache(); } + Cors cors = Cors.add(request).allowAllOrigins(); + InputStream inputStream = getClass().getClassLoader().getResourceAsStream(name); if (inputStream != null) { - return Response.ok(inputStream).type("text/javascript").cacheControl(cacheControl).build(); + return cors.builder(Response.ok(inputStream).type("text/javascript").cacheControl(cacheControl)).build(); } else { - return Response.status(Response.Status.NOT_FOUND).build(); + return cors.builder(Response.status(Response.Status.NOT_FOUND)).build(); } } }