It should be registered as a singleton in the Application subclass.
public class CORSResponseFilter implements ContainerResponseFilter {
Logger logger = LoggerFactory.getLogger(getClass().getName());
@Override
public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException {
MultivaluedMap headers = responseContext.getHeaders();
String origin = requestContext.getHeaderString("Origin");
if (origin != null) {
headers.add("Access-Control-Allow-Origin", requestContext.getHeaderString("Origin"));
}
headers.add("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT");
headers.add("Access-Control-Allow-Headers", "X-Requested-With, Content-Type, X-Codingpedia");
headers.add("Access-Control-Allow-Credentials", true);
}
}
RESTEasy also provides a CORS filter class. I do not know why it is not only response but also request filter. It is used as any other filter but needs configuration of all the headers to be added.
CorsFilter filter = new CorsFilter();
filter.getAllowedOrigins().add("*");
No comments:
Post a Comment