CORS header in response REST-API call (SOLVED)

If you think that something doesn't work in Aware IM post your message here
Post Reply
jannes
Posts: 100
Joined: Tue Jul 02, 2019 12:22 pm

CORS header in response REST-API call (SOLVED)

Post by jannes »

Another party is using our exposed webservices.
They say : the browser needs a CORS header in the response of the REST-API call.

Therefore I added these lines in
..AwareIM\TomCat\webapps\AwareIM\WEB-INF\web.xml
and
..AwareIM\TomCat\conf\web.xml


<filter>
<filter-name>CorsFilter</filter-name>
<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CorsFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>

But no result yet.

How to do this ?
Which web.xml should be altered ?

See also :
https://tomcat.apache.org/tomcat-7.0-do ... attributes

regards
Jannes
Last edited by jannes on Fri Sep 10, 2021 7:41 am, edited 1 time in total.
jannes
Posts: 100
Joined: Tue Jul 02, 2019 12:22 pm

Re: CORS header in response REST-API call (SOLVED)

Post by jannes »

It is solved by adding in ..AwareIM\TomCat\conf\web.xml (replace <mysite> in your own url(s) ) :

<filter>
<filter-name>CorsFilter</filter-name>
<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
<init-param>
<param-name>cors.allowed.origins</param-name>
<param-value>https://www.apache.org, https://www.<mysite>.nl, http://scanner.<mysite>.nl</param-value>
</init-param>
<init-param>
<param-name>cors.allowed.methods</param-name>
<param-value>GET,POST,HEAD,OPTIONS,PUT</param-value>
</init-param>
<init-param>
<param-name>cors.allowed.headers</param-name>
<param-value>Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers</param-value>
</init-param>
<init-param>
<param-name>cors.exposed.headers</param-name>
<param-value>Access-Control-Allow-Origin,Access-Control-Allow-Credentials</param-value>
</init-param>
<init-param>
<param-name>cors.support.credentials</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>cors.preflight.maxage</param-name>
<param-value>10</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CorsFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>


Now the app can use the webservice.

It is not necessary to restart AwareIM or reboot the server.
Post Reply