Disabling CORS on a servlet without disabling CORS site-wide

Question

I want to create a servlet that I can use to pass data to an in-browser javascript app. The issue I'm having is I can't find a way to disable CORS for the specific servlet - only for the entire site, which isn't ideal. Is there a way to achieve this?

abhishekshuk · Accepted Answer

If the dispatcher is in the picture1. Either set conditional apache header as per your request " e.g if your servlet URL is /wknd/marketting/SetEnvIf Request_URI "/wknd/amrketting/" corsHeader Set Access-Control-Allow-Origin "YOUR_DOMAIN" env=corsOr2. Use rewrite rule by enabling mod_rewrite moduleRewriteRule ^/wkndmarketting/$ - [ENV=cors:true]Header set "Access-Control-Allow-Origin" "*" env=cors Or3. add header in servlet responseresponse.addHeader("Access-Control-Allow-Origin", "either specific domain or allow all by using * "); Regards

EstebanBustamante · Answer

Did you try just appending the headers as part of your Servlet Response? Something like this:

response.addHeader("Access-Control-Allow-Origin", "*")

Another alternative could be to add headers through Apache, you will filter the incoming request to match your servlet path and then append the headers right there: https://ubiq.co/tech-blog/set-apache-header-conditionally/

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded