>-----Original Message----- >From: Leo Donahue - RDSA IT [mailto:leodona...@mail.maricopa.gov] >Subject: RE: CORS on Tomcat? > >>-----Original Message----- >>From: Christopher Schultz [mailto:ch...@christopherschultz.net] >>Subject: Re: CORS on Tomcat? >> >>-----BEGIN PGP SIGNED MESSAGE----- >>Hash: SHA256 >> >>Leo, >> >>On 5/21/13 11:34 AM, Leo Donahue - RDSA IT wrote: >>> Does Tomcat support setting this header on the server? >>> >>> Header set Access-Control-Allow-Origin "*" >>> >>> If yes, where do we set it? >> >>You should know how to do this by now: url-rewrite. > >Thanks Chris. But.. but.. Apache has it... > >I wanted to avoid using a proxy that turns lengthy GET requests into POST >requests for one of our REST based web apps. I was reading online where >Cross Origin Resource Sharing was possible on some servers. Specifically here: >http://enable-cors.org/server.html >
I realize I can set the header in the response, but was hoping this can be something we set on the server for a specific context maybe? response.setHeader("Access-Control-Allow-Origin", "*"); response.setHeader("Access-Control-Request-Method", "GET,POST"); Before IE supported this, Firefox did, which made it nice for some users who wanted to make an cross origin ajax requests to one of our servlets.