I’ve spent the last 5 months developing a gwt app, and it’s now become time for third party people to start using it. In preparation for this one of them has set up my app behind a reverse proxy, and this immediately resulted in problems with the browser’s same origin policy. I guess there’s a problem in the response headers, but I can’t seem to rewrite them in any way to make the problem go away. I’ve tried this

response.setHeader("Server", request.getRemoteAddress());

in some sort of naive attempt to mimic the behaviour I want. Didn’t work (to the surprise of no-one).

Anyone knowing anything about this will most likely snicker and shake their heads when reading this, and I do not blame them. I would snicker too, if it was me… I know nothing at all about this, and that naturally makes this problem awfully hard to solve. Any help at all will be greatly appreciated.

How can I get the header rewrite to work and get away from the SOP issues I’m dealing with?

Edit: The exact problem I’m getting is a pop-up saying:

“SmartClient can’t directly contact
URL
‘https://localhost/app/resource?action=‘doStuffs'”
due to browser same-origin policy.
Remove the host and port number (even
if localhost) to avoid this problem,
or use XJSONDataSource protocol (which
allows cross-site calls), or use the
server-side HttpProxy included with
SmartClient Server.”

But I shouldn’t need the smartclient HttpProxy, since I have a proxy on top of the server, should I? I’ve gotten no indications that this could be a serialisation problem, but maybe this message is hiding the real issue…

Solution
chris_l and saret both helped to find the solution, but since I can only mark one I marked the answer from chris_l. Readers are encouraged to bump them both up, they really came through for me here. The solution was quite simple, just remove any absolute paths to your server and use only relative ones, that did the trick for me. Thanks guys!