I want to add a XMLHttpRequest GET call from a SharePoint app to a Tomcat server. The challenge is the SharePoint app URL contain the AppID which can change if the app is reinstalled. For now, I want to have the Tomcat server service all requests regardless of the origin. (I'll be adding a custom filter later once I get the basics working). I am able to have the Tomcat server respond when I give the full pathname in the cors.allowed.origins parameter but when I replace the full pathname with a wildcard (*), I get: Origin http://apps-0d0bd9d06711be.apps.[sharepoint site] not found in Access-Control-Allow-Origin header.
I'm running Tomcat 9.0.24 on a Windows Server 2012 R2. The browser I'm using is Internet Explorer 11. Is there something else that needs to be configured for Tomcat to enable access from any origin? This is the filter in my web.xml file <filter> <filter-name>CorsFilter</filter-name> <filter-class>org.apache.catalina.filters.CorsFilter</filter-class> <init-param> <param-name>cors.allowed.origins</param-name> <param-value> http://apps-0d0bd9d06711be.apps.[sharepoint site]</param-value> </init-param> <init-param> <param-name>cors.allowed.methods</param-name> <param-value>GET,POST,HEAD,OPTIONS,PUT</param-value> </init-param> <init-param> <param-name>cors.allowed.headers</param-name> <param-value>Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers</param-value> </init-param> <init-param> <param-name>cors.exposed.headers</param-name> <param-value>Access-Control-Allow-Origin,Access-Control-Allow-Credentials</param-value> </init-param> <init-param> <param-name>cors.support.credentials</param-name> <param-value>true</param-value> </init-param> <init-param> <param-name>cors.preflight.maxage</param-name> <param-value>10</param-value> </init-param> <init-param> <param-name>cors.supportedHeaders</param-name> <param-value>accept, authorization, origin</param-value> </init-param> </filter> <filter-mapping> <filter-name>CorsFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> This is the JavaScript function I'm using to do the XMLHttpRequest: function execute_xhttp_query(url) { return Q.Promise(function (resolve, reject) { var xhttp = new XMLHttpRequest(); xhttp.onreadystatechange = function () { if (this.readyState === 4) { if (this.status === 200) { resolve(this.responseText); } else { reject(this.responseText); } } }; xhttp.open("GET", url, true); xhttp.send(); }); } --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
