evandor
commented
8 years ago This can be handled by adding the CorsService in an applications constructor like so:
CorsService corsService = new CorsService();
corsService.setAllowedOrigins(new HashSet(Arrays.asList("*")));
corsService.setAllowedCredentials(true);
getServices().add(corsService);In version 0.2.0, an application can be configured to use the CORS headers, e.g. in a file like io.skysail.server.app.demo.DemoApplication.cfg with content
corsOrigins = "*" corsAllowedHeaders = ... corsExposedHeaders = ... corsMethods = ... corsAllowCredentials = ...
skysail server should enable "Access-Control-Allow-Origin" by configuration:
The Headers
Access-Control-Allow-Origin Access-Control-Allow-Methods Access-Control-Allow-Headers Access-Control-Allow-Credentials Access-Control-Max-Age
should be configurable and sent with each request if set.