> From: Emi <em...@encs.concordia.ca>
> To: Struts Users Mailing List <user@struts.apache.org>,
> Date: 17.03.2017 16:57
> Subject: ajax for https in struts
>
> Hello,
>
> Ajax methods work in http, but NOT https.
>
> Seems due to cross-origin HTTP request.
Can you be more precise, please?
What is the original URL and which URL do you try to access with AJAX?
>
> May I know how to setup "Access-Control-Allow-Origin" in
> struts/jsp/servlet please?
>
>
> Have tried the following but did NOT work.
>
> (1) mainlayout.jsp
> response.addHeader("Access-Control-Allow-Origin", "*");
>
AFAIK browsers send a special OPTIONS request to determine
"Access-Control-Allow-Origin". I don't think that you can just add that
header in a jsp.
>
> (2) web.xml
>
>cors
>CORSFilter
>
>
>
> cors
> /*
>
>
> public class CORSFilter extends OncePerRequestFilter
> {
> @Override
> protected void doFilterInternal(
> HttpServletRequest request,
> HttpServletResponse response,
> FilterChain filterChain
> ) throws ServletException, IOException
> {
> response.addHeader("Access-Control-Allow-Origin", "*");
> filterChain.doFilter(request, response);
> }
> }
>
Tomcat provides a built in cors filter. Look at this flowchart of tomcat
docs:
https://tomcat.apache.org/tomcat-7.0-doc/images/cors-flowchart.png
As you can see it is quite complicated :)
Regards,
Christoph
>
>
>
> example ajax method:
>
> function test(str, url)
> {
> var xmlhttp;
> if (str.length==0)
> {
>document.getElementById("txt_hint").innerHTML="";
>return;
> }
> xmlhttp=new XMLHttpRequest();
>
> xmlhttp.onreadystatechange=function()
> {
>if (xmlhttp.readyState==4 && xmlhttp.status==200)
>{
> var tmp = xmlhttp.responseText;
> document.getElementById("txt_hint").innerHTML = tmp;
>}
> }
> xmlhttp.open("POST", url + "?str=" + str, true);
> xmlhttp.send();
> }
>
> Thanks a lot!
>
>
> -
> To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
> For additional commands, e-mail: user-h...@struts.apache.org
>
This Email was scanned by Sophos Anti Virus