Simple tweak to CorsFilter for Chrome

[danizen]

Apparently, Chrome has a stricter implementation than normal for CORS. The spec. says that a pre-flight request should get a response code of 204 (accepted), and a simple request should actually do the work.

I recommend therefore that the uk.ac.ebi.fgpt.lode.servlet.CorsFilter be updated to respond with 204 to an OPTIONS request, which worked for us. Here's my implementation of doFilterInternal:

   @Override
   protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
        response.addHeader("Access-Control-Allow-Origin", "*");
        response.addHeader("Access-Control-Allow-Methods", "GET, POST, PUT");
        response.addHeader("Access-Control-Allow-Headers", "Cache-Control, Pragma, Origin, Authorization, Content-Type, X-Requested-With");
        response.addHeader("Access-Control-Max-Age", "1800"); // 30 minutes

        if (request.getMethod().equals("OPTIONS")) {
            // CORS "pre-flight" request
            response.setStatus(HttpServletResponse.SC_ACCEPTED);
            return;
        }

        // Simple request
        filterChain.doFilter(request, response);
   }

[danizen]

OK - I take it back - the Cors configuration was incorrect.