HttpServletRequest request = ServletActionContext.getRequest(); |
HttpServletResponse response = ServletActionContext.getResponse(); |
response.setHeader( "Access-Control-Allow-Origin" , request.getHeader( "Origin" )); |
response.setHeader( "Access-Control-Allow-Credentials" , "true" ); |
response.setHeader( "P3P" , "CP=CAO PSA OUR" ); |
if (request.getHeader( "Access-Control-Request-Method" ) != null && "OPTIONS" .equals(request.getMethod())) { |
response.addHeader( "Access-Control-Allow-Methods" , "POST,GET,TRACE,OPTIONS" ); |
response.addHeader( "Access-Control-Allow-Headers" , "Content-Type,Origin,Accept" ); |
response.addHeader( "Access-Control-Max-Age" , "120" ); |
} |