Menu
I have a RESTful webservice which will return string and it was written in Java (JAX-WS). My problem is when I send request to that webservice with URL like :
http://localhost:8080/project/webservices/getlist/getListCustomers
In the console it's giving me the error message below:
XMLHttpRequest cannot load url Origin localhost is not allowed by Access-Control-Allow-Origin
How can I handle this issue?
Java code:
@GET @Path("/getsample") public Response getMsg() { String output = "Jersey say : " ; return Response.status(200).entity(output).build(); } 
868
In Java servlets Simply add a header to your HttpServletResponse by calling addHeader : response. addHeader("Access-Control-Allow-Origin", "*");
Limiting the possible Access-Control-Allow-Origin values to a set of allowed origins requires code on the server side to check the value of the Origin request header, compare that to a list of allowed origins, and then if the Origin value is in the list, set the Access-Control-Allow-Origin value to the same value as ...
Enable CORS support on a REST API resourceSign in to the API Gateway console at https://console.aws.amazon.com/apigateway . Choose the API from the APIs list. Choose a resource under Resources. This will enable CORS for all the methods on the resource.
If the server is under your control, add the origin of the requesting site to the set of domains permitted access by adding it to the Access-Control-Allow-Origin header's value. You can also configure a site to allow any site to access it by using the * wildcard. You should only use this for public APIs.
Read here about your issue CORS : http://enable-cors.org/
Check if this one help you in your getMsg() method: return Response.ok(output).header("Access-Control-Allow-Origin", "*").build();
If above doesn't work try to add Jersey filter to your service. Create filter class:
package your.package; public class CORSFilter implements ContainerResponseFilter { @Override public ContainerResponse filter(ContainerRequest creq, ContainerResponse cresp) { cresp.getHttpHeaders().putSingle("Access-Control-Allow-Origin", "*"); cresp.getHttpHeaders().putSingle("Access-Control-Allow-Credentials", "true"); cresp.getHttpHeaders().putSingle("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT, OPTIONS, HEAD"); cresp.getHttpHeaders().putSingle("Access-Control-Allow-Headers", "Content-Type, Accept, X-Requested-With"); return cresp; } } And register later win web.xml with:
<servlet> <servlet-name>CORS Filter</servlet-name> <servlet-class>com.sun.jersey.spi.container.servlet.ServletContainer</servlet-class> <init-param> <param-name>com.sun.jersey.spi.container.ContainerResponseFilters</param-name> <param-value>your.package.CORSFilter</param-value> </init-param> </servlet> <servlet-mapping> <servlet-name>CORS Filter</servlet-name> <url-pattern>/webservices/*</url-pattern> </servlet-mapping> OPTIONS for the browser. Put this in the class where you have @GET. @OPTIONS @Path("/getsample") public Response getOptions() { return Response.ok() .header("Access-Control-Allow-Origin", "*") .header("Access-Control-Allow-Methods", "POST, GET, PUT, UPDATE, OPTIONS") .header("Access-Control-Allow-Headers", "Content-Type, Accept, X-Requested-With").build(); } "*" provided for "Access-Control-Allow-Origin" header with your custom domain where you access this resource. I.g. If you call this from http://localhost::8080 use something like this ("Access-Control-Allow-Origin", "http://localhost:8080") instead of asterisk "*".
118
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
