Enable CORS on Jax rs (resteasy)

Question

Enable CORS on Jax rs (resteasy)

Navigation

#1 by (1 votes)

2

I am developing an example of a rest api using jax rs and get to the point of having to add support for CORS and be able to consume it from an app in React, the other day publish the REST API in an online server and when React consumption locally works, but if I try to consume it from a page of type Stackblitz or resttesttest does not work.

It's worth mentioning that I'm using Wildfly 13 as the server, I already checked many different filter examples but none of them work for me in stackblitz or resttesttest.

Test API using the filter: my api

Here is my filter

@Provider
public class CorsResponseFilter implements Filter {

/**
 * Default constructor.
 */
public CorsResponseFilter() {
    // TODO Auto-generated constructor stub
}

/**
 * @see Filter#destroy()
 */
public void destroy() {
    // TODO Auto-generated method stub
}

/**
 * @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
 */
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain)
        throws IOException, ServletException {

    HttpServletRequest request = (HttpServletRequest) servletRequest;
    System.out.println("CORSFilter HTTP Request: " + request.getMethod());

    // Authorize (allow) all domains to consume the content
    ((HttpServletResponse) servletResponse).addHeader("Access-Control-Allow-Origin", "*");
    ((HttpServletResponse) servletResponse).addHeader("Access-Control-Allow-Methods","GET, OPTIONS, HEAD, PUT, POST");

    HttpServletResponse resp = (HttpServletResponse) servletResponse;

    // For HTTP OPTIONS verb/method reply with ACCEPTED status code -- per CORS handshake
    if (request.getMethod().equals("OPTIONS")) {
        resp.setStatus(HttpServletResponse.SC_ACCEPTED);
        return;
    }

    // pass the request along the filter chain
    chain.doFilter(request, servletResponse);
}

/**
 * @see Filter#init(FilterConfig)
 */
public void init(FilterConfig fConfig) throws ServletException {
    // TODO Auto-generated method stub
}

}

The message I get in the browser console is this:

[Mixed-Content] The origin 'https://js-87ppru.stackblitz.io' was loaded in a secure context but tried to load an insecure  resource at 'http://node42071-env-8457498.jl.serv.net.mx/api'.

Here is the example in stackblitz that I use link

Note: I'm not interested in using a proxy like heroku.

java cors wildfly jax-rs

asked by Rene Garnica 05.11.2018 в 20:21

source

1 answer

Synchronize phone book with my app Change data in DataGrid

score 1 · Accepted Answer

Stackblitz has an address https://stackblitz.com/edit/...

That is, use HTTP S .

The error describes you from an HTTPS domain you can not make a call that requires CORS to an HTTP server . On the other hand, it would not work either.