How to set Access-Control-Allow-Origin for multiple origin domains with Tomcat?

Amessihel

11/10/23, 7:28 PM

An answer on SO to the same nice - and following guidelines - question but for Apache, how to set Access-Control-Allow-Origin entry header for multiple origin domains deals with .htaccess, checking from a list of allowed origins and returning the specific value:

<IfModule mod_headers.c>
    SetEnvIf Origin "<regex-matching-allowed-origin-domains>" \
             AccessControlAllowOrigin=$0
    Header add Access-Control-Allow-Origin %{AccessControlAllowOrigin}e \
               env=AccessControlAllowOrigin
    Header merge Vary Origin
</IfModule>

Is there a way to do the same configuration for Tomcat, rather than allowing from any origin as shown below ?

<filter>
  <filter-name>CorsFilter</filter-name>
  <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
</filter>
<filter-mapping>
  <filter-name>CorsFilter</filter-name>
  <url-pattern>/*</url-pattern>
</filter-mapping>

1252

0 + 0

tomcat

http-headers

cors

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: How to set Access-Control-Allow-Origin for multiple origin domains with Tomcat?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.