In 3.0.7 I implemented a CORS filter:
https://github.com/resteasy/Resteasy/blob/master/jaxrs/resteasy-jaxrs/src/main/java/org/jboss/resteasy/plugins/interceptors/CorsFilter.java
On 4/2/2014 3:03 AM, Rajshekhar AndalaPisharam wrote:
Andrew
The best option is to make an exception mapper for
DefaultOptionsMethodException and add the CORS headers within the
toResponse method of the mapper. For example:
@Provider
public class OptionsMethodExceptionMapper implements
ExceptionMapperDefaultOptionsMethodException{
@Override
public Response toResponse(DefaultOptionsMethodException exception) {
Response.ResponseBuilder builder =Response.ok();
//..here add CORS to headers of the builder
return builder.build();
}
By doing this all your resources will have OPTIONS response with CORS
headers.
Thanks
A.P. Rajshekhar
From: andrew simpson andrew10...@gmail.com
To: resteasy-users@lists.sourceforge.net
Sent: Tuesday, April 1, 2014 11:28:45 AM
Subject: [Resteasy-users] @OPTIONS / allowing cross-site scripting
I've hit a well-known problem with cross site scripting; I'd like to
develop javascript locally, but using REST services hosted remotely
http://stackoverflow.com/questions/14589031/ajax-request-with-jax-rs-resteasy-implementing-cors
I've tried a number of ways of implementing an OPTIONS method that
allows clients from other origins to collect, but none of them seem to
work. I've tried curl to confirm with curl, but don't see the
access-control-* headers returned; my suspicion is that the @path
directives are somehow not matching my request.
Does anyone have a pointer to an example which works with a recent
version of RestEasy (I'm using 3.0.6 and JBoss AS 7.1.1)
Thanks..
Andrew
--
___
Resteasy-users mailing list
Resteasy-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/resteasy-users
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
--
___
Resteasy-users mailing list
Resteasy-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/resteasy-users
