Menu
I am getting a request from a JSP (from iPad) to a Servlet (my system). When I send the response to the JSP the browser and iPad app seem to discard the data coming from the proxy due to the missing header.
I set the header as
response.setHeader("Access-Control-Allow-Origin","*");
Access-Control-Allow-Origin is the header name coming from the iPad.
I have seen in the following link
http://en.wikipedia.org/wiki/List_of_HTTP_header_fields
that there is no Access-Control-Allow-Origin header type in Servlet.
Since the testing is going in different places, can you tell me the setheader I add is write one.
663
You do misinterpret the WikiPedia entry. In a servlet you are allowed to set whatever response header you want. The only constraint is that clients must be able to understand the header. Wikipedia does list the official HTTP headers available as per RFC 2616 and 4229 (see link you provided). Proprietary, custom headers are legal and often used.
In general you only have to set the Access-Control-Allow-Origin header when it comes to cross-domain script requests, e.g. the JSP retrieved from domain1.com does perform a client side request (JavaScript, AJAX) to a servlet hosted on domain2.com. Depending on your use case you have to decide whether you require the header or not. The official spec is available here. You should carefully read it... believe me!
185
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
