From 99bc52bf05b176435fd0e6587e2deb8ff09bf574 Mon Sep 17 00:00:00 2001 From: marest94 Date: Thu, 11 Jul 2024 14:57:12 +0200 Subject: [PATCH] Update CHANGELOG.md and README.md --- CHANGELOG.md | 15 +++++++++++++++ README.md | 29 +++++++++++++++++++++++++++++ 2 files changed, 44 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4418b5bd..4c89a4f8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,21 @@ # Changelog All notable changes to this project will be documented in this file. +## [1.14.9] - 2024-07-11 + +### Added + + - CORS configuration (for compatibility with UI) + +### Changed + + - Updated firewall.properties + - Multipart message library upgraded to 1.0.18 + - Websocket library upgraded to 1.0.18 + - Fix WSS SSL support + - Upgrade GHA to use Node.js 20 + + ## [1.14.8] - 2024-02-14 ### Added diff --git a/README.md b/README.md index cde20b9f..0a502ed5 100644 --- a/README.md +++ b/README.md @@ -97,6 +97,35 @@ allowUrlEncodedPeriod=true ``` *IMPORTANT:* If you're not an expert, the strong advice is to keep values at their default values. If you decide to change values, pay special attention to allowHeaderNames and allowHeaderValues, since those set values are exclusive and considered as only values that should be present in the header. +## CORS Configuration + +In order to communicate with UI, CORS (Cross-Origin Resource Sharing) settings should be configured in `application.properties` file. This allows you to specify which origins, methods, and headers are permitted when making cross-origin requests to your application. + +``` +application.cors.allowed.origins= +application.cors.allowed.methods= +application.cors.allowed.headers= +``` + + - `application.cors.allowed.origins`: Specifies the allowed origins. If empty, all origins (*) are allowed. + - `application.cors.allowed.methods`: Specifies the allowed HTTP methods. If empty, all methods (*) are allowed. + - `application.cors.allowed.header`s: Specifies the allowed headers. If empty, all headers (*) are allowed. + + Example configuration: + + ``` + # Allow specific origins +application.cors.allowed.origins=https://example.com,https://another-example.com + +# Allow specific HTTP methods +application.cors.allowed.methods=GET,POST,PUT,DELETE + +# Allow specific headers +application.cors.allowed.headers= + ``` + + + ## How to Test The reachability could be verified using the following endpoints: * **http://{IP_ADDRESS}:{HTTP_PUBLIC_PORT}/about/version**