This page is not created by, affiliated with, or supported by Slack Technologies, Inc.
2017-05-27
Channels
- # bangalore-clj (1)
- # beginners (50)
- # boot (23)
- # cider (19)
- # clara (28)
- # cljsrn (4)
- # clojure (93)
- # clojure-greece (67)
- # clojure-spec (14)
- # clojure-uk (11)
- # clojurebridge (1)
- # clojurescript (151)
- # community-development (1)
- # core-async (19)
- # core-matrix (1)
- # cursive (3)
- # emacs (1)
- # klipse (5)
- # leiningen (5)
- # luminus (3)
- # lumo (22)
- # nyc (1)
- # off-topic (17)
- # om (12)
- # onyx (16)
- # pedestal (5)
- # re-frame (20)
- # reagent (5)
- # spacemacs (10)
- # uncomplicate (2)
- # unrepl (11)
- # untangled (8)
- # vim (1)
How do I disable secure headers? This doesn’t seem to work:
(def service {:env :prod
::http/enable-csrf nil
::http/secure-headers nil
::http/allowed-origins {:creds true :allowed-origins (constantly true)}
::http/routes routes
;; Root for resource interceptor that is available by default.
::http/resource-path "/public"
;; Either :jetty or :tomcat (see comments in project.clj
;; to enable Tomcat)
::http/type :jetty
::http/port 8080})bradford: That doesn’t work because of this https://github.com/pedestal/pedestal/blob/master/service/src/io/pedestal/http.clj#L233. I think your best bet is to pass in options that configure the the security headers to be less restrictive. Refer to https://github.com/pedestal/pedestal/blob/master/service/src/io/pedestal/http.clj#L258 and https://github.com/pedestal/pedestal/blob/master/service/src/io/pedestal/http/secure_headers.clj#L161.
so I've created a new project with the lein template, and fired up the repl with lein repl, (def serv (run-dev)). when I make a change to server.clj, my repl isn't reloading the source.
i'm following this guide: http://pedestal.io/guides/developing-at-the-repl