Document how to enable CORS Support

Description

There's currently no way to add the Access-Control-Allow-Origin header to requests made to the Geoserver services; this is a major problem as it forces me to use a proxy script on my local server to make calls to the Geoserver. Jetty 7+ supports this functionality but currently Geoserver runs on Jetty 6.x, which lacks this feature. Can a more recent version of Jetty be integrated into the Geoserver package to allow for adding this header?

Environment

None

Activity

Show:
Andrea Aime
February 8, 2016, 8:58 AM

Btw, let us know if just adding that file solves the issue, it seems small, we could propose adding it to the normal GeoServer distribution.

Jason Newmoyer
August 17, 2016, 3:44 PM

Adding jetty-servlets.jar and jetty-util.jar to the geoserver/WEB-INF/lib (you can copy them right out of the Jetty server lib) should do the trick for enabling CORS.

+1 for adding them by default in the standalone distro.

Jody Garnett
January 24, 2017, 10:11 PM

See - those jars should now be included out of the box, if you are available to test a nightly build feedback would be great.

Aditya Agarwal
July 21, 2017, 10:40 AM

Adding jetty-servlets.jar and jetty-util.jar to the geoserver/WEB-INF/libdoes not enable CORS and the geoserver stops working.

Jason Newmoyer
July 21, 2017, 1:34 PM

You need to configure your web.xml as described in the Jetty docs Andrea provided. Also make sure you have the correct version. What is your error?

Fixed

Assignee

Unassigned

Reporter

codehaus

Triage

None

Fix versions

Affects versions

Components

Priority

Medium