I am writing a web application using AngularJS on the front end and JAX-RS on the backend. The front end can make HTTP post requests successfully to the backend when the CORS extension in chrome has 'enable CORS' on. When it is off, it comes back with an error -
The 'Access-Control-Allow-Origin' header contains multiple values 'http://127.0.0.1:XYZXX, *', but only one is allowed. Origin 'http://127.0.0.1:XYZXX' is therefore not allowed access.
The backend has a CORSFilter.java file configured as below -
public class CORSFilter implements ContainerResponseFilter {
@Override
public ContainerResponse filter(ContainerRequest request,
ContainerResponse response) {
response.getHttpHeaders().add("Access-Control-Allow-Origin", "*");
response.getHttpHeaders().add("Access-Control-Allow-Headers",
"origin, content-type, accept, authorization");
response.getHttpHeaders().add("Access-Control-Allow-Credentials","true");
response.getHttpHeaders().add("Access-Control-Allow-Methods",
"GET, POST, PUT, DELETE, OPTIONS, HEAD");
return response;
}
}
I have tried suggestions in various stackoverflow posts like deleting the X-REQUESTED-WITH and setting UseXDomain to true -
delete $http.defaults.headers.common['X-Requested-With']; $http.defaults.useXDomain = true;
I have also tried changing the content-type to Form/URLEncoded instead of Application/JSON. None seem to enable sending the POSTs except the Chrome extension - which makes me think the solution should be on client side.
Please help! - Thanks in advance.
