Expand my Community achievements bar.

Submissions are now open for the 2026 Adobe Experience Maker Awards.
Apply Now

Mark Solution

This conversation has been locked due to inactivity. Please create a new post.

SOLVED

Disabling CORS on a servlet without disabling CORS site-wide

Avatar

Level 1
Level 1
8/3/23 9:05:05 AM

I want to create a servlet that I can use to pass data to an in-browser javascript app. The issue I'm having is I can't find a way to disable CORS for the specific servlet - only for the entire site, which isn't ideal. Is there a way to achieve this?

Views

891

Replies

2
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Level 2
Level 2
8/3/23 12:01:48 PM

If the dispatcher is in the picture

1. Either set conditional apache header as per your request " e.g if your servlet URL is /wknd/marketting/

SetEnvIf Request_URI "/wknd/amrketting/" cors
Header Set Access-Control-Allow-Origin "YOUR_DOMAIN" env=cors

Or

2. Use rewrite rule by enabling mod_rewrite module

RewriteRule ^/wkndmarketting/$ - [ENV=cors:true]
Header set "Access-Control-Allow-Origin" "*" env=cors

 

Or

3. add header in servlet response

response.addHeader("Access-Control-Allow-Origin", "either specific domain or allow all by using * ");

 

Regards

View solution in original post

Views

860

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
2 Replies

Avatar

Community Advisor and Adobe Champion
Community Advisor and Adobe Champion
8/3/23 9:47:02 AM

Did you try just appending the headers as part of your Servlet Response? Something like this:

 

response.addHeader("Access-Control-Allow-Origin", "*")

 

Another alternative could be to add headers through Apache, you will filter the incoming request to match your servlet path and then append the headers right there: https://ubiq.co/tech-blog/set-apache-header-conditionally/  


Esteban Bustamante

Views

881

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Correct answer by
Level 2
Level 2
8/3/23 12:01:48 PM

If the dispatcher is in the picture

1. Either set conditional apache header as per your request " e.g if your servlet URL is /wknd/marketting/

SetEnvIf Request_URI "/wknd/amrketting/" cors
Header Set Access-Control-Allow-Origin "YOUR_DOMAIN" env=cors

Or

2. Use rewrite rule by enabling mod_rewrite module

RewriteRule ^/wkndmarketting/$ - [ENV=cors:true]
Header set "Access-Control-Allow-Origin" "*" env=cors

 

Or

3. add header in servlet response

response.addHeader("Access-Control-Allow-Origin", "either specific domain or allow all by using * ");

 

Regards

Views

861

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
Related Conversations
How to mock/unit test a Sling filter that does a redirect? (and other questions) Solved

Views

122

Likes

0

Replies

2
How to Expose a Custom Resolver Field in Content Fragments for AEM GraphQL queries Without Editing the Fragment Model

Views

1.6K

Likes

0

Replies

3
Career Roadways after getting AEM Sites Developer Professional

Views

565

Likes

0

Replies

2
Impact on Dispatcher cache when 10k pages are deleted

Views

458

Likes

0

Replies

5
How can I render a PDF from AEM DAM into JSON, including tables and images?

Views

572

Likes

0

Replies

2