[rabbitmq-discuss] CORS in the mgmt http api

Simon MacMullen simon at rabbitmq.com
Mon Mar 25 14:54:05 GMT 2013

On 25/03/13 14:24, carlhoerberg wrote:
> What about adding CORS headers to the mgmt HTTP API responses, so that the
> API can be used from other client side apps?
> https://github.com/rabbitmq/rabbitmq-management/issues/3

As I said at the issue: we don't want to add 
"Access-Control-Allow-Origin: *", this is a security thing.

Allowing you to configure mgmt so that it allows custom headers to be 
set would be OK I guess.

What is your use case though? Are you intending to write an alternate 
web UI? :-)

Cheers, Simon

Simon MacMullen
RabbitMQ, VMware

More information about the rabbitmq-discuss mailing list