CORS policy No Access-Control-Allow-Origin


#1

Hi,

im using the full distribution on a tomcat application server 7.11.0.

In my webapp i want to load resources via jQuery/ajax from a different origin. Every time i load the resources i get the following error:
access to XMLHttpRequest at ‘https://different origin’ from origin ‘http://localhost:8080’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.

How do i allow access to the resources? I already tried to configure the web.xml in the engine-rest and the server/conf folder with the propertys:

<filter>
 <filter-name>CorsFilter</filter-name>
  <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>    
</filter>
<filter-mapping>
  <filter-name>CorsFilter</filter-name>
  <url-pattern>/*</url-pattern>
</filter-mapping>

but it doesnt work. Maybe one of you knows how to do that. You would help me a lot.


#2

Hi @Adrian,

you have to configure the Server at different origin to reply with a valid access-control-allow-origin header. The request is blocked by your browser, not the camunda engine

Best Regards
Martin


#3

thanks for the response. Do you mean the local tomcat server or the server I’m loading the resources from?


#4

The server you are loading the resources from, not localhost. You can find it in the error message at this location: access to XMLHttpRequest at --> ‘https://different origin’ <---


#5

i already get the value http://localhost:8080 as response for the attribute access-control-allow-origin but it still does not work