See this for firefox OPTIONS method and the comon same-origin policy: https://developer.mozilla.org/En/HTTP_access_control
use @OPTIONS method in ur resourse and set this headers, allowed method and origin, like this: ex. http://blog.arc90.com/2008/09/15/custom-http-response-headers-with-restlet/ @OPTIONS private void generateResponseHeaders(){ Form responseHeaders = (Form) getResponse().getAttributes().get("org.restlet.http.headers"); if (responseHeaders == null) { responseHeaders = new Form(); getResponse().getAttributes().put("org.restlet.http.headers", responseHeaders); } responseHeaders.add("Access-Control-Allow-Origin", "the value"); } ------------------------------------------------------ http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2464007
