tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject [Bug 60008] New: Tomcat CORS filter not allowing origin with file:// when resource access done from WebView
Date Tue, 16 Aug 2016 04:27:57 GMT
https://bz.apache.org/bugzilla/show_bug.cgi?id=60008

            Bug ID: 60008
           Summary: Tomcat CORS filter not allowing origin with file://
                    when resource access done from WebView
           Product: Tomcat 8
           Version: 8.0.30
          Hardware: PC
                OS: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Catalina
          Assignee: dev@tomcat.apache.org
          Reporter: schandra@kodiakptt.com

The CORS filter not allowing request and returning 403 when the request is as
follows.

Request Headers
POST http://kodiakptt.com/poc/ HTTP/1.1
Accept: application/json, text/plain, */*
Origin: file://
User-Agent: Mozilla/5.0 (Linux; Android 4.4.2; XT1033 Build/KXB20.25-1.31)
AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/30.0.0.0 Mobile
Safari/537.36
Content-Type: application/json;charset=UT

We have a app which accesses the resource from tomcat web server, if UI is part
of the app and using hosted JSCDE/mobile API js file, the webview send the
request with Origin: file:// which tomcat rejects with 403 Forbidden.

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message