How can I get playframework to allow non-origin calls? I have tried adding a @Before method to a controller, but that never gets called by an ajax client.
@Before
public static void setCORS()
{
Http.Response.current().accessControl("*", "GET,PUT,POST,DELETE", true);
}
I am trying to setup a test API server for client developers to test against, but that seems to require disabling the Origin restriction.
Has anyone else got this working? or accomplished this in a different way?
UPDATE: I found this article on the topic http://javathought.wordpress.com/2011/12/04/cross-origin-resource-sharing-with-play-framework/
Check what your browser is trying to do, it may send an OPTION request first to check what is allowed, this is called "preflight request".
Also, setting Access-Control-Allow-Origin to * only works without credentials.