There's currently no way to add the Access-Control-Allow-Origin header to requests made to the Geoserver services; this is a major problem as it forces me to use a proxy script on my local server to make calls to the Geoserver. Jetty 7+ supports this functionality but currently Geoserver runs on Jetty 6.x, which lacks this feature. Can a more recent version of Jetty be integrated into the Geoserver package to allow for adding this header?
Btw, let us know if just adding that file solves the issue, it seems small, we could propose adding it to the normal GeoServer distribution.
Adding jetty-servlets.jar and jetty-util.jar to the geoserver/WEB-INF/lib (you can copy them right out of the Jetty server lib) should do the trick for enabling CORS.
+1 for adding them by default in the standalone distro.
See - those jars should now be included out of the box, if you are available to test a nightly build feedback would be great.
Adding jetty-servlets.jar and jetty-util.jar to the geoserver/WEB-INF/libdoes not enable CORS and the geoserver stops working.
You need to configure your web.xml as described in the Jetty docs Andrea provided. Also make sure you have the correct version. What is your error?