0

There have been lot of discussions about CORS and 'Access-Control-Allow-Origin' error, I have tried and read(doing it for 2 days now) lots of potential solutions but my concern is where to place the solution code. How and in which file do I need to make changes for header to give Access to all cross server calls. I am using Ember CLI, Tomcat Apache(which is getting data from database), running on Chrome, and using ember-data. May be a noob question but I really am not able to get out of it, really need help. Thanks in Advance.

UPDATE: I am running Apache Tomcat 7 via eclipse and using simple JAVA OracleJDBC request/response to get data.

Improve this question
5
  • I am not sure how much will it help in your case as you are using apache but you can check this(aameer.github.io/articles/cross-origin-resource-sharing-cors) post which I wrote sometime back for cors. Hope it helps Commented Sep 14, 2015 at 10:14
  • @sidharth, you can set ENV.contentSecurityPolicyHeader = 'Disabled-Content-Security-Policy' in your config/environment.js file to disable the error. Commented Sep 14, 2015 at 12:55
  • @Aameer thanks, what i understand from this is that we need to set CORS header for client side as well as server side. Am I correct ? Commented Sep 15, 2015 at 3:58
  • @phkavitha the method you suggested didnot remove the ''Access-Control-Allow-Origin' error. Commented Sep 15, 2015 at 5:01
  • @sidharth yup you need it on both sides Commented Sep 15, 2015 at 6:20

1 Answer 1

Reset to default
0

Basically this error is not of the Ember-Cli. This is what your server (tomcat in your case) is responding, when your Ember application is communicating to your server. I don't know what version are you using of TomCat. But I will illustrate to you how to fix this problem in TomCat 7.

Open your web.xml file. It will be located in {apache-tomcat-directory}/conf/. You can add the filter to alter the CORS behavior anywhere in the file after the web-app root of XML file. But I will suggest you to do that after the portion of Built in Filter Mappings.

The filter will look like this:

<filter>
  <filter-name>CorsFilter</filter-name>
  <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
<init-param>
    <param-name>cors.allowed.origins</param-name>
    <param-value>*</param-value>
</init-param>
</filter>
<filter-mapping>
  <filter-name>CorsFilter</filter-name>
  <url-pattern>/*</url-pattern>
</filter-mapping>

After adding this you will be able to bypass this error. But this is only recommended if you are doing it for development purposes. Please read here for complete understanding of TomCat's CORS filter.

Improve this answer
Sign up to request clarification or add additional context in comments.

5 Comments

I am using Tom Cat 7, and running it via eclipse. Your solution it doesn't seem to be bypassing the issue,since am still getting the same error, although it changes the url Method to 'GET' from 'OPTION' that it was previously showing. Any idea why ?
when i made these changes i observed a new thing which was not happening priorly. when i hit the server directly via browser for database it does not display rather is gives error:--------.>>" >HTTP Status 405 - HTTP method GET is not supported by this URL type Status report message HTTP method GET is not supported by this URL description The specified HTTP method is not allowed for the requested resource."<
Try to add these also under the <filter>: <init-param><param-name>cors.allowed.methods</param-name><param-value>GET,POST,HEAD,OPTIONS,PUT</param-value</init-param>
however, this seems to work sonsummately >>>>>Ember.$.getJSON('localhost:8082/connection/testdb?tablename=members', function(data){ console.log(data.members[0].response);})
with your tags "ember g http-proxy posts" was needed to go cross server.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.