My environment is a npm installation, that bundles my js files with webpack and provides the content on localhost:3000 if I call npm start in the root directory.
On the other hand, I installed the GeoServer as a service and everything worked fine until now. It is running on localhost:8080.
Iam implementing a OpenLayers project and we are using the SLD-standard for styling features. Until now I just had these SLD-files locally at my computer. I found out about the REST API of the GeoServer, in which you can receive the registered SLD-styles. We now decided to use the GeoServer as a global SLD-storage, so every client can get the style informations quickly without local files.
Registering the styles in the GeoServer was pretty simple. But if I now want to get a style in my OpenLayers project (port 3000) via the REST API of the GeoServer (port 8080), a CORS problem appears.
I had these problems some time ago and just enabled the CORS in the web.xml of the GeoServer. I really thought the REST API is now using CORS as well, but it dont seems like.
I can not fetch the SLD-file from the REST API, because CORS is blocking it. But all the other operations, like adding retrieved features to my layers or getting layers from the GeoServer work fine.
Am I just thinking wrong or what is the problem here that the REST API is blocking CORS and "normal" operations dont do?
I found the solution.
You can set the access rules in the rest.properties file, in which you can configure allowed domains/sources for each request mode (GET, POST, ..) itself.