B
brianlafertewk
Guest
I agree with bronco. Get familiar with the links provided in bronco's post for background on how things work with CORS. The response message you are receiving is actually telling you exactly what header the browser is looking for in the OPTIONS call and not seeing. Add 'Access-Control-Allow-Origin' to the OECORSFilter.messageHeaders entry in oeablSecurity.properties, and restart the web app. After doing that you may see the response message change to another header the browser is expecting (say 'X-Requested-With'), and need to also add that.
Continue reading...
Continue reading...