-
-
Save craigbeck/fb71818063175b9b4210 to your computer and use it in GitHub Desktop.
| // in run method of your application: | |
| final FilterRegistration.Dynamic cors = environment.servlets().addFilter("crossOriginRequsts", CrossOriginFilter.class); | |
| cors.addMappingForUrlPatterns(EnumSet.allOf(DispatcherType.class), true, "/*"); |
Has anybody found the answer to this question yet? I would like to know.
this works for 0.7, 0.8 and 0.9. I think some people have issues because the Jetty CrossOriginFilter's DEFAULT_ALLOWED_HEADERS doesn't contain Authorization and DEFAULT_ALLOWED_METHODS doesn't contain OPTIONS. So you may need to add them in depending on the error you're getting. I have a longer version here that worked for me
This should work, there is a typo in the snippet however, "crossOriginRequsts" should be "crossOriginRequests"
Worth noting that if you have authentication / authorization filters setup, you'll likely want to configure the filter with this:
cors.setInitParameter(CrossOriginFilter.CHAIN_PREFLIGHT_PARAM, Boolean.FALSE.toString());
This will prevent preflight requests (that don't have authorization headers on them) from getting filtered by your down-stream authentication / authorization filters which would result in a 401~403 instead of a 200.
Hi @craigbeck. I try to migrate to dropwizard 0.8.0, but this doesn't work. Do you know what to change to make it work on latest 0.8.0-rc1 version ?