Is it possible to add headers for CORS at the calling side server?

StackOverflow https://stackoverflow.com/questions/22777633

  •  25-06-2023
  •  | 
  •  

Pregunta

I have a GWT appilcation in which the client makes a request to another domain. I wrote the request using RequestBuilder in GWT.

On executing the code, I get an error in my browser :

No 'Access-Control-Allow-Origin' header is present on the requested resource.

So I google and I found that the domain to which I am making the request should add this header in the response that it sends. Now I dont't have control over the other domain's server, so I can't do any modification there.

My question is, can I intercept the response and the Access-Control-Allow-Origin header to the response that is being sent by the other domain's server at my server, before I send it to my client? I tried using Filters but the Filter doesn't get called for responses coming from another domain.

Is this possible to do, am I missing something or is it just not possible?

¿Fue útil?

Solución

Vivek's answer that cross domain requests aren't allowed by the browser is true, except for the CORS mechanism, whereby newer browsers that support it can try in a cross origin way to servers that also support it.

However, unless that remote server support it itself, there is nothing you can do. If I server my app from A, and want to connect to B, only B can authorize that. If A were allowed to permit my app to connect to B via some filter or servlet, then I could write an app that makes calls to gmail or facebook or twitter and read/write your settings and personal data at those other urls.

So instead, it is the cross origin server that you are contacting that must approve the connection with the header you mentioned. In lieu of that, you can still use your own server as a proxy for the cross origin server.

Otros consejos

Cross-domain requests are forbidden by web browsers as per the same origin security policy. These restrictions are limited to browser based applications and hence you can definitely use your own server application as a filter between the GWT based client side application and the external server.

Licenciado bajo: CC-BY-SA con atribución
No afiliado a StackOverflow
scroll top