>-----Original Message-----
>From: Leo Donahue - RDSA IT [mailto:leodona...@mail.maricopa.gov]
>Subject: RE: CORS on Tomcat?
>
>>-----Original Message-----
>>From: Christopher Schultz [mailto:ch...@christopherschultz.net]
>>Subject: Re: CORS on Tomcat?
>>
>>-----BEGIN PGP SIGNED MESSAGE-----
>>Hash: SHA256
>>
>>Leo,
>>
>>On 5/21/13 11:34 AM, Leo Donahue - RDSA IT wrote:
>>> Does Tomcat support setting this header on the server?
>>>
>>> Header set Access-Control-Allow-Origin "*"
>>>
>>> If yes, where do we set it?
>>
>>You should know how to do this by now: url-rewrite.
>
>Thanks Chris. But.. but.. Apache has it...
>
>I wanted to avoid using a proxy that turns lengthy GET requests into POST
>requests for one of our REST based web apps. I was reading online where
>Cross Origin Resource Sharing was possible on some servers. Specifically here:
>http://enable-cors.org/server.html
>
I realize I can set the header in the response, but was hoping this can be
something we set on the server for a specific context maybe?
response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Request-Method", "GET,POST");
Before IE supported this, Firefox did, which made it nice for some users who
wanted to make an cross origin ajax requests to one of our servlets.
