> From: Emi <em...@encs.concordia.ca> > To: Struts Users Mailing List <user@struts.apache.org>, > Date: 17.03.2017 16:57 > Subject: ajax for https in struts > > Hello, > > Ajax methods work in http, but NOT https. > > Seems due to cross-origin HTTP request.
Can you be more precise, please? What is the original URL and which URL do you try to access with AJAX? > > May I know how to setup "Access-Control-Allow-Origin" in > struts/jsp/servlet please? > > > Have tried the following but did NOT work. > > (1) mainlayout.jsp > response.addHeader("Access-Control-Allow-Origin", "*"); > AFAIK browsers send a special OPTIONS request to determine "Access-Control-Allow-Origin". I don't think that you can just add that header in a jsp. > > (2) web.xml > <filter> > <filter-name>cors</filter-name> > <filter-class>CORSFilter</filter-class> > </filter> > > <filter-mapping> > <filter-name>cors</filter-name> > <url-pattern>/*</url-pattern> > </filter-mapping> > > public class CORSFilter extends OncePerRequestFilter > { > @Override > protected void doFilterInternal( > HttpServletRequest request, > HttpServletResponse response, > FilterChain filterChain > ) throws ServletException, IOException > { > response.addHeader("Access-Control-Allow-Origin", "*"); > filterChain.doFilter(request, response); > } > } > Tomcat provides a built in cors filter. Look at this flowchart of tomcat docs: https://tomcat.apache.org/tomcat-7.0-doc/images/cors-flowchart.png As you can see it is quite complicated :) Regards, Christoph > > > > example ajax method: > > function test(str, url) > { > var xmlhttp; > if (str.length==0) > { > document.getElementById("txt_hint").innerHTML=""; > return; > } > xmlhttp=new XMLHttpRequest(); > > xmlhttp.onreadystatechange=function() > { > if (xmlhttp.readyState==4 && xmlhttp.status==200) > { > var tmp = xmlhttp.responseText; > document.getElementById("txt_hint").innerHTML = tmp; > } > } > xmlhttp.open("POST", url + "?str=" + str, true); > xmlhttp.send(); > } > > Thanks a lot! > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: user-unsubscr...@struts.apache.org > For additional commands, e-mail: user-h...@struts.apache.org > This Email was scanned by Sophos Anti Virus