Andrew
The best option is to make an exception mapper for
DefaultOptionsMethodException and add the CORS headers within the toResponse
method of the mapper. For example:
@Provider
public class OptionsMethodExceptionMapper implements
ExceptionMapper<DefaultOptionsMethodException>{
@Override
public Response toResponse(DefaultOptionsMethodException exception) {
Response.ResponseBuilder builder =Response.ok();
//..here add CORS to headers of the builder
return builder.build();
}
By doing this all your resources will have OPTIONS response with CORS headers.
Thanks
A.P. Rajshekhar
----- Original Message -----
From: "andrew simpson" <[email protected]>
To: [email protected]
Sent: Tuesday, April 1, 2014 11:28:45 AM
Subject: [Resteasy-users] @OPTIONS / allowing cross-site scripting
I've hit a well-known problem with cross site scripting; I'd like to develop
javascript locally, but using REST services hosted remotely
http://stackoverflow.com/questions/14589031/ajax-request-with-jax-rs-resteasy-implementing-cors
I've tried a number of ways of implementing an OPTIONS method that allows
clients from other origins to collect, but none of them seem to work. I've
tried curl to confirm with curl, but don't see the access-control-* headers
returned; my suspicion is that the @path directives are somehow not matching my
request.
Does anyone have a pointer to an example which works with a recent version of
RestEasy (I'm using 3.0.6 and JBoss AS 7.1.1)
Thanks..
Andrew
------------------------------------------------------------------------------
_______________________________________________
Resteasy-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/resteasy-users
