Problem with REST API and CORS

Hello community,

while doing an ajax request to kick a user from a MUC room, using the REST API plugin, I get the following error:

Access to XMLHttpRequest at ‘http://www.rmas.cl:9090/plugins/restapi/v1/chatrooms/global/members/jack’ from origin ‘http://www.rmas.cl’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.

CORS support is enabled on Openfire, and I have added an Access-Control-Allow-Origin “*” header in the apache config file. The header shows up in any response, except when I call the REST API:

  1. Allow: OPTIONS,DELETE,POST
  2. Content-Encoding: gzip
  3. Content-Length: 468
  4. Content-Type: application/vnd.sun.wadl+xml
  5. Date: Mon, 15 Apr 2019 19:51:06 GMT
  6. Last-Modified: Wed, 10 Apr 2019 10:43:49 CLST
  7. Vary: Accept-Encoding
  8. X-Frame-Options: same

I’m using Openfire 4.3.2 with REST API 1.3.9.
Any help on this issue is much appreciated!

I have same issue did yousolve it

I interchange prc.getProperties().put(CONTAINER_RESPONSE_FILTERS, GZIP_FILTER);
prc.getProperties().put(CONTAINER_RESPONSE_FILTERS, CORSFILTER);

and also
prc.getProperties().put(CONTAINER_REQUEST_FILTERS, pickedAuthFilter);
prc.getProperties().put(CONTAINER_REQUEST_FILTERS, GZIP_FILTER);