We are designing a REST application in Tomcat which should be cross-domain accessible. So for all responses we include the famous CORS header:
Access-Control-Allow-Origin: *
However, because it is a REST service, the server sometimes returns HTTP responses that are not 200 OK. E.g. 400, 403, 404, 405. One problem that we are having is that currently these responses do not contain the CORS header, and therefore cannot be interpreted by a cross-domain web client. It turns out it is a common issue: http://www.w3.org/wiki/Talk:CORS_Enabled
What is a good way in Tomcat to return non-200 responses with custom body, headers, etc, so that we can set the CORS header?
Our solution is DIY: catch all Exceptions and call a utility method that writes the HttpServletResponse of the servlet directly, with the body being the message of the Exception. On the HttpServletResponse object, you can specify all you need, including the HTTP status code (I guess you use 400 for REST as is the norm), and all necessary headers including CORS headers.
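A sketch of the approach described in the answer above, added as an illustration and not code from the original post. `RestErrors` and `ItemServlet` are hypothetical names, and the `javax.servlet` imports assume Tomcat 9 or earlier (Tomcat 10 and later use `jakarta.servlet`). It returns the exception message only for client errors and a fixed string for unexpected ones, so internal detail is logged rather than sent to cross-origin callers.

```java
import java.io.IOException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

// Hypothetical helper: every response path, success or error, goes through addCors().
final class RestErrors {
    private RestErrors() {}

    // The CORS header from the question.
    static void addCors(HttpServletResponse resp) {
        resp.setHeader("Access-Control-Allow-Origin", "*");
    }

    // Writes status, headers and body directly on the response, so error
    // responses carry the CORS header just like 200 responses do.
    static void write(HttpServletResponse resp, int status, String message) throws IOException {
        if (resp.isCommitted()) {
            return; // status line and headers are already on the wire
        }
        resp.resetBuffer(); // drop any partial body, keep headers already set
        addCors(resp);
        resp.setHeader("X-Content-Type-Options", "nosniff"); // body may echo request input
        resp.setStatus(status);
        resp.setContentType("text/plain; charset=UTF-8");
        resp.getWriter().write(message == null ? "" : message);
    }
}

public class ItemServlet extends HttpServlet {
    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
        try {
            String id = req.getParameter("id");
            if (id == null) {
                throw new IllegalArgumentException("missing id parameter");
            }
            long parsed = Long.parseLong(id); // NumberFormatException is an IllegalArgumentException
            RestErrors.addCors(resp);
            resp.setContentType("application/json");
            resp.getWriter().write("{\"id\":" + parsed + "}");
        } catch (IllegalArgumentException e) {
            RestErrors.write(resp, HttpServletResponse.SC_BAD_REQUEST, e.getMessage());
        } catch (RuntimeException e) {
            log("unhandled error", e); // full detail stays in the server log
            RestErrors.write(resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "internal error");
        }
    }
}
```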