Hi, I’m running Tomcat 7.0. Can’t find the version.bat file, so I don’t know more than that. It’s installed on a Windows computer running Windows Server 2003 DataCenter Edition. (How’s that for refusing to upgrade?) Anyway, it’s a client’s box. I’m trying to migrate an application to JavaScript from GWT, but that’s beside the point. The problem is, I’m unable to send an XMLHttpRequest to this Tomcat instance via https. The site is being served by the same domain, but via http.
I get: Failed to load resource: Origin http://www.domain.com is not allowed by Access-Control-Allow-Origin. https://www.domain.com/application/api/request XMLHttpRequest cannot load https://www.domain.com/application/api/reqeuest. Origin http://www.domain.com is not allowed by Access-Control-Allow-Origin. This is an excerpt my web.xml file for the war: > <filter> > <filter-name>CorsFilter</filter-name> > > <filter-class>org.apache.catalina.filters.CorsFilter</filter-class> > <init-param> > <param-name>cors.allowed.origins</param-name> > <param-value> http://www.domain.com, > http://beta.domain.com:8080, http://localhost:8080</param-value> > </init-param> > <init-param> > <param-name>cors.allowed.methods</param-name> > <param-value>GET,POST,HEAD,OPTIONS,PUT</param-value> > </init-param> > </filter> > > <filter-mapping> > <filter-name>CorsFilter</filter-name> > <url-pattern>/api/*</url-pattern> > </filter-mapping> I’d like to debug this, but I don’t know how to go about it. Am I suffering from a basic misunderstanding? Does cors not allow http to https? Anyway, any help would be appreciated. Thanks, Richard