@Provider
public class CORSResponseFilter implements ContainerResponseFilter {
public void filter(
ContainerRequestContext requestContext,
ContainerResponseContext responseContext
) throws IOException {
MultivaluedMap<String, Object> headers = responseContext.getHeaders();
headers.add("Access-Control-Allow-Origin", "*"); //Allow Access from everywhere
headers.add("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT");
headers.add("Access-Control-Allow-Headers", "X-Requested-With, Content-Type");
}
}
Note that the Access-Control-Allow-Origin is only useful at OPTIONS responses.