Add some code to set the Cross-Origin Resource Sharing headers. As a start just the minimal code to show how it works

git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@1155252 13f79535-47bb-0310-9956-ffa450edef68

1 files changed, 11 insertions, 0 deletions

diff --git a/sca-java-2.x/trunk/modules/binding-rest-runtime/src/main/java/org/apache/tuscany/sca/binding/rest/provider/TuscanyRESTServlet.java b/sca-java-2.x/trunk/modules/binding-rest-runtime/src/main/java/org/apache/tuscany/sca/binding/rest/provider/TuscanyRESTServlet.java
index 9e837485fb..aefa666bfe 100644
--- a/sca-java-2.x/trunk/modules/binding-rest-runtime/src/main/java/org/apache/tuscany/sca/binding/rest/provider/TuscanyRESTServlet.java
+++ b/sca-java-2.x/trunk/modules/binding-rest-runtime/src/main/java/org/apache/tuscany/sca/binding/rest/provider/TuscanyRESTServlet.java
@@ -69,6 +69,17 @@ public class TuscanyRESTServlet extends RestServlet {
 
     @Override
     protected void service(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+        
+        if (binding.isCORS()) {
+            response.setHeader("Access-Control-Allow-Origin", "*");
+            response.setHeader("Access-Control-Allow-Headers", "X-Requested-With");
+            if (request.getMethod().equals("OPTIONS")) {
+                response.setHeader("Access-Control-Allow-Methods", "DELETE, GET, OPTIONS, POST, PUT");
+                response.setHeader("Access-Control-Max-Age", "1728000");
+                return;
+            }
+        }
+
         //create context
         HTTPContext bindingContext = new HTTPContext();
         bindingContext.setHttpRequest(request);