Hi,
I need cross origin support for a REST API. In order to achieve it I am
trying to set the following headers in the response.
> "Access-Control-Allow-Origin", "*"
> "Access-Control-Allow-Headers","*"
> "Access-Control-Allow-Methods","GET, POST, DELETE"
My current implementation is as follows.
in web.xml
> <filter>
> <filter-name>CorsFilter</filter-name>
> <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
> </filter>
>
> <filter-mapping>
> <filter-name>CorsFilter</filter-name>
> <url-pattern>/*</url-pattern>
</filter-mapping>
>
>
the Rest implementation
@Path("/datasets")public class DatasetApiV10 extends MLRestAPI {
@OPTIONS
public Response options() {
return Response.ok().header("Access-Control-Allow-Origin",
"*").header("Access-Control-Allow-Headers","*").header("Access-Control-Allow-Methods","GET,
POST, DELETE").build();
}
Cross origin headers are *not set *in the response header when a cross
origin call is made, but those headers are *set* when I do a local OPTIONS
call for the API using cURL or a REST client.
Following is the error message I am getting in chrome console.
XMLHttpRequest cannot load https://localhost:9443/api/datasets. Response to
preflight request doesn't pass access control check: No
'Access-Control-Allow-Origin' header is present on the requested resource.
Origin 'http://localhost:8080' is therefore not allowed access. The
response had HTTP status code 403
Any suggestion to solve this issue?
--
Thanks & Regards,
Fazlan Nazeem
*Software Engineer*
*WSO2 Inc*
Mobile : +94772338839
<%2B94%20%280%29%20773%20451194>
fazl...@wso2.com
_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
