Expand my Community achievements bar.

SOLVED

Disabling CORS on a servlet without disabling CORS site-wide

Avatar

Level 1
Level 1
8/3/23 9:05:05 AM

I want to create a servlet that I can use to pass data to an in-browser javascript app. The issue I'm having is I can't find a way to disable CORS for the specific servlet - only for the entire site, which isn't ideal. Is there a way to achieve this?

Views

559

Replies

2
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Level 2
Level 2
8/3/23 12:01:48 PM

If the dispatcher is in the picture

1. Either set conditional apache header as per your request " e.g if your servlet URL is /wknd/marketting/

SetEnvIf Request_URI "/wknd/amrketting/" cors
Header Set Access-Control-Allow-Origin "YOUR_DOMAIN" env=cors

Or

2. Use rewrite rule by enabling mod_rewrite module

RewriteRule ^/wkndmarketting/$ - [ENV=cors:true]
Header set "Access-Control-Allow-Origin" "*" env=cors

 

Or

3. add header in servlet response

response.addHeader("Access-Control-Allow-Origin", "either specific domain or allow all by using * ");

 

Regards

View solution in original post

Views

528

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
2 Replies

Avatar

Community Advisor
Community Advisor
8/3/23 9:47:02 AM

Did you try just appending the headers as part of your Servlet Response? Something like this:

 

response.addHeader("Access-Control-Allow-Origin", "*")

 

Another alternative could be to add headers through Apache, you will filter the incoming request to match your servlet path and then append the headers right there: https://ubiq.co/tech-blog/set-apache-header-conditionally/  


Esteban Bustamante

Views

549

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Correct answer by
Level 2
Level 2
8/3/23 12:01:48 PM

If the dispatcher is in the picture

1. Either set conditional apache header as per your request " e.g if your servlet URL is /wknd/marketting/

SetEnvIf Request_URI "/wknd/amrketting/" cors
Header Set Access-Control-Allow-Origin "YOUR_DOMAIN" env=cors

Or

2. Use rewrite rule by enabling mod_rewrite module

RewriteRule ^/wkndmarketting/$ - [ENV=cors:true]
Header set "Access-Control-Allow-Origin" "*" env=cors

 

Or

3. add header in servlet response

response.addHeader("Access-Control-Allow-Origin", "either specific domain or allow all by using * ");

 

Regards

Views

529

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
Related Conversations
Pages are appearing white while migrating code from on-premise to cloud

Views

124

Like

1

Replies

3
Disable dispatcher caching for specific requests

Views

148

Like

1

Replies

5
Sitemap custom cannot be accessed on my AEM website

Views

181

Likes

0

Replies

4
Why are asset links breaking on sites when asset expiration dates have passed?

Views

94

Likes

0

Replies

2
Dispatcher setup on Linux Error

Views

108

Likes

0

Replies

2