I'm working with my first web application. I have a Java server app using Jersey for a RESTful API, and I have a JavaScript (JQuery) driven client application. I'm an experienced Java developer, but this is my first time working with JavaScript and CORS in general.
So, first, here is the filter that is adding CORS headers to all responses coming through my server. I've run the application in debug mode, I know this filter is executing properly.
@Provider
public class CrossOriginHeaderFilter implements ContainerResponseFilter{
@Override
public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException {
MultivaluedMap<String,Object> headers = responseContext.getHeaders();
headers.add("Access-Control-Allow-Origin", "*"); //TODO specify the origin here
headers.add("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT, OPTIONS");
headers.add("Access-Control-Allow-Headers", "*"); //TODO figure out what headers to allow
headers.add("Access-Control-Allow-Credentials", true);
}
}
And here is the JQuery Ajax call I'm using to call the server:
$.ajax({
url: "http://localhost:8080/orgapi/auth",
type: "POST",
headers: {
"Access-Control-Request-Method": "POST"
},
crossOrigin: true,
data: jsonMsg,
contentType: "application/json; charset=utf-8",
dataType: "json",
success: function(){
alert("Login successful");
},
error: function(jqXHR, textStatus, errorThrown){
console.log(jqXHR);
alert(textStatus);
console.log(errorThrown);
}
});
I've been reading all I can find about CORS and all of this, and I'm just stuck right now. I don't know what I am doing wrong, but I'm willing to bet I'm configuring something wrong with my headers.
If someone could help me with this, it would be appreciated. Thanks.
