Reputation: 2646
Enabling CORS filter in Java play app
I tried to enable CORS filter on my java play app. I'm accessing localhost using angularjs to fetch some data. Here what I did in my play app side,
application.conf
play.http.filters = "com.de.filters.Filters"
play.filters.cors {
allowedOrigins = null
allowedHttpMethods = ["GET", "POST"]
allowedHttpHeaders = ["Accept"]
preflightMaxAge = 3 days
}
Filters.java
public class Filters implements HttpFilters {
@Inject
CORSFilter corsFilter;
public EssentialFilter[] filters() {
return new EssentialFilter[]{corsFilter};
}
}
When I'm trying to call my service, It's giving me an error,
XMLHttpRequest cannot load http://localhost:9000/app/search/0/10. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost' is therefore not allowed access. The response had HTTP status code 403.
How may I fix this?
Upvotes: 3
Views: 1094
Answers (3)
Reputation: 338
I finally got my CORSFilter to work. There is very little documentation on this and what is there doesn't work. Hope this helps someone out. (Play 2.5.4)
import com.google.inject.Inject;
import play.http.HttpFilters;
import play.mvc.EssentialAction;
import play.mvc.EssentialFilter;
import play.filters.cors.CORSFilter;
public class MyFilters extends EssentialFilter implements HttpFilters {
@Inject
private CORSFilter corsFilter;
@Override
public EssentialAction apply(EssentialAction next) {
return corsFilter.asJava().apply(next);
}
@Override
public EssentialFilter[] filters() {
EssentialFilter[] result = new EssentialFilter[1];
result[0] = this;
return result;
}
}
Also added this into the application.conf
play.filters.cors{
# allow all paths
pathPrefixes = ["/"]
# allow all origins
allowedOrigins = null
allowedHttpMethods = ["GET", "POST", "PUT", "DELETE"]
# allow all headers
allowedHttpHeaders = null
}
Upvotes: 2
Reputation: 12948
Add these lines into application.conf instead.
play.filters.cors {
# allow all paths
pathPrefixes = ["/"]
# allow all origins
allowedOrigins = null
allowedHttpMethods = ["GET", "POST", "PUT", "DELETE"]
# allow all headers
allowedHttpHeaders = null
}
You can refer this answer of me for more info.
Upvotes: 0
Reputation: 1772
From the Play 2.3 Documentation,
first add your filters to the libraryDependencies list in the build.sbt as stated below.
libraryDependencies += filters
Then, in the application.conf, don't set play.filters.cors.allowedOrigins as [null], it defaults to "all origins are allowed". Set a valid domain list or just ignore it. Don't forget to reference your filters:
play.http.filters = "filters.Filters"
At last, in your Filters.filter() method, write as below, specifying asJava() method, as stated in the docs.
public EssentialFilter[] filters() {
return new EssentialFilter[] {
corsFilter.asJava()
};
}
Upvotes: 2
Related Questions
- How do I avoid checking for nulls in Java?
- Trying to use fetch and pass in mode: no-cors
- How do I read / convert an InputStream into a String in Java?
- Is Java "pass-by-reference" or "pass-by-value"?
- How do I generate random integers within a specific range in Java?
- No 'Access-Control-Allow-Origin' header is present on the requested resource—when trying to get data from a REST API
- What are the differences between a HashMap and a Hashtable in Java?
- Why does my http://localhost CORS origin not work?
- No 'Access-Control-Allow-Origin' - Node / Apache Port Issue
- Response to preflight request doesn't pass access control check - No 'Access-Control-Allow-Origin' header