Details about CORS.
JVx' REST services support CORS since RESTlet update to 2.3.2. This version has the class CorsFilter which handles CORS automatically.
CORS support is disabled by default. If you want to call your REST service from “another domain”, simply enable CORS via web.xml:
<!-- ************************************************************************** REST support ************************************************************************** --> <!-- Restlet adapter --> <servlet> <servlet-name>RestletServlet</servlet-name> <servlet-class>org.restlet.ext.servlet.ServerServlet</servlet-class> <init-param> <!-- Application class name --> <param-name>org.restlet.application</param-name> <param-value>com.sibvisions.rad.server.http.rest.RESTAdapter</param-value> </init-param> <init-param> <param-name>cors.origin</param-name> <param-value>*</param-value> </init-param> </servlet> <servlet-mapping> <servlet-name>RestletServlet</servlet-name> <url-pattern>/services/rest/*</url-pattern> </servlet-mapping>
The init parameter cors.origin takes a comma separated list or simply * (for all sites).