README.md

CORS recipe for Lagom's Javadsl

In order to enable CORS on a Lagom service the following steps are required:

1. include filters as a dependency on your -impl project. filters is a package provided by Play Framework.
2. Create a class that implements DefaultHttpFilters and inject Play's CORSFilter
3. Register that newly created class on your application.conf using: play.http.filters = "com.your.package.YourFilterClassName"
4. Finally, add an ACL on your Service.Descriptor matching the OPTIONS method for the paths you are exposing on your Service Gateway.

Testing the recipe

You can test this recipe using 2 separate terminals.

On one terminal start the service:

sbt runAll

On a separate terminal, use curl to trigger a pre-flight request:

curl -H "Access-Control-Request-Method: GET" \
        -H "Access-Control-Request-Headers: origin, x-requested-with" \
        -H "Origin: http://www.some-domain.com"  \
        -X OPTIONS http://localhost:9000/api/hello/123 -v        

Note how the request uses the OPTIONS method and targets the Lagom Service Gateway (localhost:9000).

More resources

This topic has been discussed in the Lagom Mailing List a few times, if this recipe doesn't resolve your doubts, feel free to ask for help in the community.

You will also find the Play Framework documentation on the topic quite useful.