All geek questions in one place

Access Control Allow Passage in Servlet

I get a request from JSP (from iPad) to servlet (my system). When I send a response to the JSP, the browser and the iPad app seem to drop data coming from the proxy due to a missing header.
I set the title as

response.setHeader("Access-Control-Allow-Origin","*");

Access-Control-Allow-Origin is the title name coming from the iPad.
I saw in the following link http://en.wikipedia.org/wiki/List_of_HTTP_header_fields that there is no Access-Control-Allow-Origin header type in Servlet.
Since testing takes place in different places, can you tell me what suits me, I write one.

+6
source share
1 answer

You are interpreting the WikiPedia entry incorrectly. In the servlet, you can set any response header you want. The only limitation is that clients must understand the headline. Wikipedia lists the official HTTP headers available under RFC 2616 and 4229 (see Link provided by you). Own custom headers are legal and often used.

In general, you only need to set the Access-Control-Allow-Origin header when it comes to cross-domain script requests, for example. The JSP obtained from domain1.com performs a client-side request (JavaScript, AJAX) on a servlet hosted on domain2.com. Depending on your use case, you must decide whether you need a heading or not. The official specification is available here . You must read this carefully ... believe me!

+6
source

Source: https://habr.com/ru/post/895250/

More articles:


All Articles