tomcat8 - How to generate access-control-allow-origin on tomcat 8 for a specific URL? -


i'm using tomcat 8 , when try set access-control-allow-origin allow 1 specific url, don't see when call webapp.

this web.xml:

<web-app xmlns:xsi="http://www.w3.org/2001/xmlschema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee" xsi:schemalocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="webapp_id" version="3.0">    <servlet>     <servlet-name>myservlet</servlet-name>     <servlet-class>com.example.myservlet</servlet-class>   </servlet>    <servlet-mapping>     <servlet-name>myservlet</servlet-name>     <url-pattern>/getresponse</url-pattern>   </servlet-mapping>    <servlet>     <servlet-name>getserverinfoservlet</servlet-name>     <servlet-class>com.example.getserverinfoservlet</servlet-class>   </servlet>    <servlet-mapping>     <servlet-name>getserverinfoservlet</servlet-name>     <url-pattern>/getserverinfo</url-pattern>   </servlet-mapping>    <filter>     <filter-name>corsfilter</filter-name>     <filter-class>org.apache.catalina.filters.corsfilter</filter-class>      <init-param>       <param-name>cors.allowed.origins</param-name>       <param-value>https://www.example.com</param-value>     </init-param>      <init-param>       <param-name>cors.allowed.methods</param-name>       <param-value>get, post, head, options</param-value>     </init-param>      <init-param>       <param-name>cors.allowed.headers</param-name>       <param-value>x-csrf-token, content-type, authorization, accept, x-request-with</param-value>     </init-param>      <init-param>       <param-name>cors.exposed.headers</param-name>       <param-value>x-csrf-token, content-type, authorization, accept, x-request-with</param-value>     </init-param>      <init-param>       <param-name>cors.support.credentials</param-name>       <param-value>true</param-value>     </init-param>      <init-param>       <param-name>cors.logging.enabled</param-name>       <param-value>true</param-value>     </init-param>      <init-param>       <param-name>cors.preflight.maxage</param-name>       <param-value>1800</param-value>     </init-param>      <init-param>       <param-name>cors.request.decorate</param-name>       <param-value>true</param-value>     </init-param>    </filter>    <filter-mapping>      <filter-name>corsfilter</filter-name>      <url-pattern>/*</url-pattern>   </filter-mapping> </web-app> 

note in file, have specific url defined:

<param-name>cors.allowed.origins</param-name> <param-value>https://www.example.com</param-value> 

this result of call in postman:

content-length →5 date →fri, 28 jul 2017 13:00:33 gmt server →apache-coyote/1.1 

why don't see access-control-allow-origin in response headers?


Comments

Popular posts from this blog

php - Vagrant up error - Uncaught Reflection Exception: Class DOMDocument does not exist -

vue.js - Create hooks for automated testing -

Add new key value to json node in java -