0

I have a webservice like: 

@Controller
@RequestMapping("/")
public class ApplicationController {

    @RequestMapping(value="/Changes", method = RequestMethod.GET)
    public String inspect(ModelMap model) {
         model.addAttribute("msg", "example");

         return "index";
    }
}

in the link: "localhost:8081/ChangesPDF/Changes?..."

I'm trying to get the response of this webservice through Alfresco that is in the link: "localhost:8080/share". I have different ports now (when I have same ports, this works good), so, with different ports I get the error in Alfresco:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://localhost:8081/ChangesPDF/Changes?... (Reason: Header CORS 'Access-Control-Allow-Origin' missing).

How can I add this header?

PRVS
  • 1,612
  • 4
  • 38
  • 75

3 Answers3

1

You should add a filter that sets the "Access-Control-Allow-Origin" to accepts domain "localhost:8081" (* for all).

Most probably you will find your answer here cores-filter-not-working

More explanation:

Create a filter class first

public class CorsFilter implements Filter {

    private static final Logger log = Logger.getAnonymousLogger();

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {}

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        HttpServletRequest request = (HttpServletRequest) servletRequest;

        // can be moved to properties
        String[] allowDomain = {"localhost:8080","localhost:8081"};              


        String originHeader = request.getHeader("host");

        for(String domian : allowDomain){

            if(originHeader.endsWith(domian))

            response.setHeader("Access-Control-Allow-Origin", originHeader);
            break;
        }
        filterChain.doFilter(servletRequest, servletResponse);

    }

    @Override
    public void destroy() {}
}

Add mapping to your web.xml class

<filter>
    <filter-name>cors</filter-name>
    <filter-class>full name of your filter class here</filter-class>
</filter>

<filter-mapping>
    <filter-name>cors</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

you should correclty define the URL pattren in web.xml config according to your requirnment

Community
  • 1
  • 1
PyThon
  • 1,007
  • 9
  • 22
  • But in my situation, how can I do this? I don't return a `HttpServletResponse response` so, if I make `response.setHeader` not makes effect. – PRVS Feb 27 '16 at 17:12
  • Edited my answer to include how to setup filter – PyThon Feb 27 '16 at 17:23
  • The url-pattern is which url? – PRVS Feb 27 '16 at 17:30
  • try the new filter code, i have added both the domain in allowed list – PyThon Feb 27 '16 at 17:44
  • I'm trying to modify web.xml but I got: `[INFO] WEB-INF/web.xml already added, skipping` in the maven. You know why? – PRVS Feb 27 '16 at 17:57
  • Might be you are overriding your web.xml. There must only one and one web.xml that should existing. try posting you pom configuration too then i can help – PyThon Feb 27 '16 at 18:04
  • Any idea? My pom.xml is in that link above. – PRVS Feb 27 '16 at 18:50
  • Try generating web.xml like this ... Then edit it as required ... http://stackoverflow.com/a/26562633/3556394 – PyThon Feb 27 '16 at 19:04
  • Let us [continue this discussion in chat](http://chat.stackoverflow.com/rooms/104746/discussion-between-python-and-prvs). – PyThon Feb 27 '16 at 19:04
  • Alternative you can define the war plugin under build tag in pom file that takes web.xml file as an arguments org.apache.maven.plugins maven-war-plugin src\main\webapp\WEB-INF\web.xml – PyThon Feb 27 '16 at 19:08
  • It works but with @CrossOrigin too. Both solutions merged. – PRVS Feb 27 '16 at 21:26
1

If you are using Spring 4.2+, you can use the @CrossOrigin annotation : 

@Controller
@RequestMapping("/")
public class ApplicationController {

    @CrossOrigin
    @RequestMapping(value="/Changes", method = RequestMethod.GET)
    public String inspect(ModelMap model) {
         model.addAttribute("msg", "example");

         return "index";
    }
}

Otherwise, you'll need to register a CORS filter in your Spring application. Something like this.

Jean-Philippe Bond
  • 10,089
  • 3
  • 34
  • 60
0

I think your code may need to use Spring's @CrossOrigin annotation, e.g.:

import org.springframework.web.bind.annotation.CrossOrigin;

....

@Controller
@RequestMapping("/")
public class ApplicationController {

    @CrossOrigin
    @RequestMapping(value="/Changes", method = RequestMethod.GET)
    public String inspect(ModelMap model) {
        model.addAttribute("msg", "example");

        return "index";
    }
}

This will allow all origins, which may or may not be enough for your needs.

For reference, I found the above described in this article, and mentioned in the Spring blog here.

Hope this helps!

Castaglia
  • 2,972
  • 5
  • 28
  • 49
  • What happens if you use the `@CrossOrigin` annotation on the entire controller class, rather than on individual methods? – Castaglia Feb 27 '16 at 17:44