Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
BedrockMission!

Learn More

View all

Sign in to view all badges

servlet and cors

Avatar

Avatar
Ignite 10
Level 4
TB3dock
Level 4

Likes

34 likes

Total Posts

203 posts

Correct Reply

4 solutions
Top badges earned
Ignite 10
Boost 25
Give Back 25
Validate 10
Validate 1
View profile

Avatar
Ignite 10
Level 4
TB3dock
Level 4

Likes

34 likes

Total Posts

203 posts

Correct Reply

4 solutions
Top badges earned
Ignite 10
Boost 25
Give Back 25
Validate 10
Validate 1
View profile
TB3dock
Level 4

05-05-2021

We have a serlvet which serves json to the front end which uses a fixed path, eg. /bin/myapi/somecall.

This works if you are calling it from the same host and port, but fails from anything else.  E.g. devs hitting a local author from react from 3000 instead of 4502

The "understanding cors" page hints that you can configure this with XML which starts with <jcr:root xmlns:sling=...

The question is, where in our source code should these XML files live, and what should they be called?

There is a section in the http://localhost:4502/system/console/configMgr for "com.adobe.granite.cors.impl.CORSPolicyImpl.d5e5ad16-601e-4215-8bad-15f4980b7722" but this is not editable for some devs (i.e. save doesn't save).

Can Cors be configured with json osgi configs?  If so, how does one know what number to put on the end for new ones?  Is there an example of this anywhere?

View Entire Topic

Avatar

Avatar
Boost 5
Level 5
Ritesh_M
Level 5

Likes

101 likes

Total Posts

81 posts

Correct Reply

26 solutions
Top badges earned
Boost 5
Boost 3
Boost 1
Applaud 5
Affirm 1
View profile

Avatar
Boost 5
Level 5
Ritesh_M
Level 5

Likes

101 likes

Total Posts

81 posts

Correct Reply

26 solutions
Top badges earned
Boost 5
Boost 3
Boost 1
Applaud 5
Affirm 1
View profile
Ritesh_M
Level 5

05-05-2021

 

@TB3dock ,

 

Just to confirm if you are really getting CORS error or Authentication error, since localhost:4502 is generally considered as author instance which requires authentication, so if you want to call any servlet which requires authentication then you need to set authorization header while calling the servlet/API.

 

Other then this question, resource type based servlets are more preferable than path based ones because of security, dispatcher allow config, etc