I have locally deployed my Play app and accessing my REST API via localhost:9000 from within my browser works perfectly.
However, I get the following error when executing a jQuery script (see below) from file:///C:/Users/XXX/XXX//index.html:
Failed to load resource: the server responded with a status of 403 (Forbidden)
No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access. The response had HTTP status code 403.
I followed the instructions given under https://www.playframework.com/documentation/2.6.x/CorsFilter.
My build.sbt:
libraryDependencies ++= Seq(
jdbc,
evolutions,
guice,
"com.h2database" % "h2" % "1.4.194",
javaJpa,
"org.hibernate" % "hibernate-core" % "5.2.5.Final",
filters
)
My application.conf:
play.filters.enabled += "play.filters.cors.CORSFilter"
play.filters.cors {
# allow all paths
pathPrefixes = ["/"]
# allow all origins (You can specify if you want)
allowedOrigins = null
allowedHttpMethods = ["GET", "POST", "PUT", "DELETE"]
# allow all headers
allowedHttpHeaders = null
}
NOTE: I tried both allowedOrigins = null & allowedOrigins = ["*"]
jQuery-script:
$.ajax({
'url' : 'http://localhost:9000/employee/' + user_id + '/weeklyWorkingHours',
'type' : 'GET',
'success' : function(data) {
console.log('Data: '+ JSON.stringify(data));
},
'error' : function(request,error)
{
console.log("Error: "+JSON.stringify(request));
}
});
Here is what Play says:
[warn] p.f.c.CORSFilter - Invalid CORS request;Origin=Some(null);Method=GET;Access-Control-Request-Headers=None
You won't be able to get CORS to work from a local file. The browser sends an origin header value of null to the server, and Play won't respond with an access-control-allow-origin header. For testing, you can set up a local web server, for example with
cd c:\Users\XXX\XXX
python -m SimpleHTTPServer
Then you can load your file as