So I'm trying to set up CORS on Restlet 2.3.0 using CorsFilter. Unfortunately there I can't seem to find a way to set the Access-Control-Allow-Methods so that I can add, say, POST, GET, OPTIONS.
The problem is that without this I keep getting 405 errors, eg:
Request Method:OPTIONS
Status Code:405 Method Not Allowed
I just set this up successfully for my work and I did not have to add that the header Access-Control-Allow-Methods. I think you need to use that if you want to restrict the allowed methods for cross-domain access. I followed the exact same code as mentioned in your link:
@Override
public Restlet createInboundRoot()
{
// Create a Restlet router that defines routes
final Router router = new Router(getContext());
// Add a CORS filter to allow cross-domain requests
CorsFilter corsFilter = new CorsFilter(getContext(), router);
corsFilter.setAllowedOrigins(new HashSet<String>(Arrays.asList("*")));
corsFilter.setAllowedCredentials(true);
// Setup up resource routing
// ...
return corsFilter; // Important!
}