Joined September 2013
·

Jose Raya

Software Developer at Agilogy
·
Barcelona
·
·
·

Posted to CORS directive for Spray over 1 year ago

Hi,
I think that you are right and it will be more secure if you can restrict the list of possible origins although it might be a litte cumbersome to manage (for instance, changing your code or your configuration every time you want to add a new origin).
You can find a good discussion of the issue here: http://stackoverflow.com/questions/19322973/security-implications-of-adding-all-domains-to-cors-access-control-allow-origin

Posted to CORS directive for Spray over 1 year ago

Thank you very much for your comment. I did not run into this problem and I guess that it is because of the order in which I declared the directives:

cors { pathPrefix(...) { post { authenticate(myAuthenticator) { ... } } } }

In this case, the metod rejection happens before the authentication rejection and my original code works. It is my understanding that, in your case, as authenticate is declared before get it will reject the request before even looking at the method and, as you experienced, my code does not work because it does not find the MethodRejection (at least that's my guess).

Posted to AngularJS SEO over 1 year ago

That's right. I think that this POST is pretty much obsolete right now :)

Posted to AngularJS SEO over 1 year ago

Thanks for the heads up! You are right that the ! is important!

I like the idea of having a crawler to pregenerate the snapshots and I think that in a real world situation (where the rendering of a page has to wait for data to be downloaded from some server) it might help getting a better rank although it is not easy to quantify how much it would help.

The one thing I like about prerender, though, is that it is open source and, thus, I am more in control of my architecture. If the third-party service becomes unreliable I can always redirect my web server to my own prerender server.

Posted to AngularJS SEO over 1 year ago

Right now I am more inclined to try the crawling approach instead of the sitemap because of dynamic urls because I like the idea of pre-rendering the snapshots (as a part of the build process or as a periodically-run script) instead of generating them on demand.

If I have a /products/:id route I need to go to the database to lookup all the valid product id's during the sitemap generation and I think it will be easier to just crawl the links in the app (as the third-party services do).

Achievements
1,010 Karma
76,771 Total ProTip Views