tomcat8 - How to generate access-control-allow-origin on tomcat 8 for a specific URL? -
i'm using tomcat 8 , when try set access-control-allow-origin
allow 1 specific url, don't see when call webapp.
this web.xml:
<web-app xmlns:xsi="http://www.w3.org/2001/xmlschema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee" xsi:schemalocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="webapp_id" version="3.0"> <servlet> <servlet-name>myservlet</servlet-name> <servlet-class>com.example.myservlet</servlet-class> </servlet> <servlet-mapping> <servlet-name>myservlet</servlet-name> <url-pattern>/getresponse</url-pattern> </servlet-mapping> <servlet> <servlet-name>getserverinfoservlet</servlet-name> <servlet-class>com.example.getserverinfoservlet</servlet-class> </servlet> <servlet-mapping> <servlet-name>getserverinfoservlet</servlet-name> <url-pattern>/getserverinfo</url-pattern> </servlet-mapping> <filter> <filter-name>corsfilter</filter-name> <filter-class>org.apache.catalina.filters.corsfilter</filter-class> <init-param> <param-name>cors.allowed.origins</param-name> <param-value>https://www.example.com</param-value> </init-param> <init-param> <param-name>cors.allowed.methods</param-name> <param-value>get, post, head, options</param-value> </init-param> <init-param> <param-name>cors.allowed.headers</param-name> <param-value>x-csrf-token, content-type, authorization, accept, x-request-with</param-value> </init-param> <init-param> <param-name>cors.exposed.headers</param-name> <param-value>x-csrf-token, content-type, authorization, accept, x-request-with</param-value> </init-param> <init-param> <param-name>cors.support.credentials</param-name> <param-value>true</param-value> </init-param> <init-param> <param-name>cors.logging.enabled</param-name> <param-value>true</param-value> </init-param> <init-param> <param-name>cors.preflight.maxage</param-name> <param-value>1800</param-value> </init-param> <init-param> <param-name>cors.request.decorate</param-name> <param-value>true</param-value> </init-param> </filter> <filter-mapping> <filter-name>corsfilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> </web-app>
note in file, have specific url defined:
<param-name>cors.allowed.origins</param-name> <param-value>https://www.example.com</param-value>
this result of call in postman:
content-length →5 date →fri, 28 jul 2017 13:00:33 gmt server →apache-coyote/1.1
why don't see access-control-allow-origin in response headers?
Comments
Post a Comment