Reputation: 23
work around gwt same origin policy
I have a gwt app that i debug on standard gwt port 8888 that comunicate with a JAX-RS/Jersey/Glassfish service running on port 8080
This is the gwt code:
StringBuffer postData = new StringBuffer();
postData.append(URL.encode("username")).append("=").append(URL.encode(user));
postData.append("&");
postData.append(URL.encode("password")).append("=").append(URL.encode(password));
RequestBuilder builder = new RequestBuilder(RequestBuilder.POST, "http://localhost:8888/gestdoc/resources/data/login");
builder.setHeader("Content-type", "application/x-www-form-urlencoded");
try {
builder.sendRequest(postData.toString(), new RequestCallback() {
public void onResponseReceived(Request request, Response response)
{
String responseText = response.getText();
String headers= response.getHeadersAsString();
String statusText= response.getStatusText();
int statusCode= response.getStatusCode();
String toString= response.toString();
System.out.println("responseText: "+responseText);
System.out.println("headers: "+headers);
System.out.println("statusTest: "+statusText);
System.out.println("statusCode: "+statusCode);
System.out.println("toString: "+toString);
GestoreUtenze.this.cddoc.loginResponse(true);
}
public void onError(Request request, Throwable exception) {
// exception handling
}
});
} catch (RequestException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
This is the output:
responseText:
headers:
statusTest:
statusCode: 0
toString: com.google.gwt.http.client.Request$1@6c1a82
I have a java batch client with i have tested my Jersey services and are ok.
I have read many post and I suppose that I have a SAME ORIGIN POLICY problem.
I have tried many solutions:
- Run the browser where i debug my gwt app with non Same Origin Policy (chrome and firefox)
- Add the row in my gwt config file
- I have tried to set up a proxy without success. How can I do?
Can you help me to solve this problem please?
Upvotes: 2
Views: 1176
Answers (1)
Reputation: 14893
The only usable way I found so fare was starting Google Chrome with
--disable-web-security
This disables the Same Origin Policy.
You can do this in Win 7 by pressing [Strg + SHift + Right click] --> Properties and add --disable-web-security to the target property. However you should only use this property when debugging!
FF and IE don't seem to have a working way to bypass the SOP policy (couldn't get any of the examples I found online to working and tried at least a week! :/)
Upvotes: 1
Related Questions
- GWT Blocked a frame with origin "http://localhost" from accessing a cross-origin frame
- Google Web Toolkit (GWT), getting legacy JavaScript code to make AJAX calls through GWT app (to get around same origin policy)?
- GWT same origin policy workaround?
- GWT :URL is invalid or violates the same-origin security restriction
- GWT - Way around Access-Control-Allow-Origin?
- GWT and Third Party Cross Domain JavaScript
- running GWT application from remote machine
- Accessing a file in another server from GWT Client side
- SOP issue behind reverse proxy
- What is the most straightforward GWT workaround for same origin policy restriction (trying to query google maps api)?