Ouch.
You're definitely right, I should have post my environment. While looking at it
I detected Tomcat 9.0.10 ... quite old. So I did an update to 9.0.24.
Finalizing the update I recognized that someone had modified the global
context.xml and looking at the diff I found an additional Valve:
Hi,
we've setup a Tomcat instance to answer on HTTP and port 8080 to requests from
the intranet and HTTPS with port 8445 to external requests. When we use HTTPS
and port 8445 from the intranet, our firewall will redirect the request, but
without changing protocol or port. Tomcat answers to ever
Hi Mark
Am Freitag, 8. Februar 2019, 09:30:32 CET schrieb Jörg Schaible:
> Hi Mark,
>
> Am Mittwoch, 6. Februar 2019, 15:32:26 CET schrieb Mark Thomas:
>
> [snip]
>
> > You need to set cors.allowed.origin to an appropriate value. See:
> > http://tomcat.ap
Hi Mark,
Am Mittwoch, 6. Februar 2019, 15:32:26 CET schrieb Mark Thomas:
[snip]
> You need to set cors.allowed.origin to an appropriate value. See:
> http://tomcat.apache.org/tomcat-9.0-doc/config/filter.html#CORS_Filter
thanks for your pointers, but unfortunately even setting the value to '*'
Hi Mark,
Am Mittwoch, 6. Februar 2019, 11:45:46 CET schrieb Mark Thomas:
> Exact Tomcat 8 version?
> Exact Tomcat 9 version?
>
> How is CORS configured in your application?
the VersionLoggerListener entries from the catalina.log files:
this is the machine with Tomcat 8:
== %< ==
Hi,
we have a strange symptom after an upgrade from Tomcat 8 to Tomcat 9, because
we get a 403 for a call that works flawlessly with the previous version.
Let's describe the scenario: We have a customer with a Wordpress application
hosted on an Apache server. Some pages perform XMLHttpRequests
