>-----Original Message----- >From: Christopher Schultz [mailto:ch...@christopherschultz.net] >Subject: Re: CORS on Tomcat? > >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA256 > >Leo, > >On 5/21/13 11:34 AM, Leo Donahue - RDSA IT wrote: >> Does Tomcat support setting this header on the server? >> >> Header set Access-Control-Allow-Origin "*" >> >> If yes, where do we set it? > >You should know how to do this by now: url-rewrite.
Thanks Chris. But.. but.. Apache has it... I wanted to avoid using a proxy that turns lengthy GET requests into POST requests for one of our REST based web apps. I was reading online where Cross Origin Resource Sharing was possible on some servers. Specifically here: http://enable-cors.org/server.html > >If you are using this with the CSRF prevention filter, you probably want to >also >mention those other domains in the "entryPoints" attribute. > >- -chris
