JavaFX WebView disables the same origin policy (allow cross domain requests)

Question

JavaFX WebView disables the same origin policy (allow cross domain requests)

I am developing a JavaFX application that is basically an illustrious webpage. This is a desktop application (it is not embedded in a web page) and it has a web view for the main user interface. The application itself serves exclusively to access Bluetooth devices using Bluecove, because it is not possible directly from JavaScript in a web browser.

The proof of concept works fine (I was able to call JavaScript code from Java and vice versa), but I have one additional requirement to call arbitrary web services / APIs from JavaScript, but this violates the same origin policy (similarly on Android: Allow remote calls ajax on Android Webview + jquery mobile phone ). Is this possible in JavaFX? Any tips?

PS: I am using JavaFX 2.2.

+6

javascript same-origin-policy javafx cross-domain

petersaints Apr 25 '13 at 13:18

source share

2 answers

Ilya Buziuk · Answer 1 · 2014-09-29T13:38:48+0000

Basically, javaFx has a CORS related issue - https://javafx-jira.kenai.com/browse/RT-35868 . Assuming the web services you use have CORS, you can try the following approach:

System.setProperty("sun.net.http.allowRestrictedHeaders", "true")

OR

java -Dsun.net.http.allowRestrictedHeaders=true <your main class here>

Hope this helps you.

lysium · Answer 2 · 2013-09-03T06:23:23+0000

Since you are already running JavaFX as a desktop application, you can execute your JavaScript call through Java, where a policy with the same source code is not applied.

As an alternative, this answer to the SO question you posted seems to be a viable alternative.

JavaFX WebView disables the same origin policy (allow cross domain requests)

More articles: