Enable CORSΒΆ

To enable CORS for your Tomcat instance, you can use our included file.

This file is located under /scripts/cors.txt

The contents should be added to the line just before </web-app> in your /home/tomcat/apache-tomcat-{version}/conf/web.xml

Warning

Be sure to create a backup of your web.xml file before making any changes.

The file Contents are below

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
         <filter>
         <filter-name>CorsFilter</filter-name>
         <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
         <init-param>
               <param-name>cors.allowed.origins</param-name>
               <param-value>*</param-value>
         </init-param>
         <init-param>
               <param-name>cors.allowed.methods</param-name>
               <param-value>GET,POST,HEAD,OPTIONS,PUT</param-value>
         </init-param>
         </filter>
         <filter-mapping>
         <filter-name>CorsFilter</filter-name>
         <url-pattern>/*</url-pattern>
         </filter-mapping>

You must restart Tomcat for the changes to register.

Note

The above script is very permissive. You should refine your CORS filter to reflect usage.