CORS filter not working with a JAX-RS application deployed in JBoss EAP 6
Issue
I am trying to add a filter which adds CORS Headers to my REST resources. (we are using the jetty-servlets-filter implementation as mentioned in: How to enable Cross-Origin Resource Sharing (CORS) on JBoss EAP 6 )
The filter does work, but only if the browser doesn't use a preflight before the actual call.
When the browser sends a preflight, the filter code gets executed, but the response header doesn't match the implementation. It seems like it gets overwritten somehow.
Header without preflight (GET-Call from Chrome Browser):
Access-Control-Allow-Credentials:true
Access-Control-Allow-Origin:http://localhost:3000
Access-Control-Expose-Headers:Access-Control-Allow-Origin,Access-Control-Allow-Credentials
Content-Type:application/json
Date:Wed, 16 Mar 2016 16:06:17 GMT
Server:Apache-Coyote/1.1
Transfer-Encoding:chunked
Header from preflight:
Allow:HEAD, POST, GET, OPTIONS
Content-Length:0
Date:Wed, 16 Mar 2016 16:06:03 GMT
Server:Apache-Coyote/1.1
What is wrong with my configuration?
Environment
- Red Hat JBoss Enterprise Application Platform (EAP)
- 6.x
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.