Hi,
So far I've been unable to communicate with either our app servers or the Developer Virtual Machine from localhost (xampp) due to the CORS header and the Access-Control-Allow-Origin policy.
Unless I'm just really bad at searching, I haven't found any information that worked on configuring this correctly in Tomcat for the Developer VM.
Has anyone else run into this issue?
Ryan
Well, looks like I was able to resolve this by modifying Tomcat's web.xml file, located at %BB_HOME%/apps/tomcat/conf/web.xml
From Apache Tomcat 8 Configuration Reference (8.5.23) - Container Provided Filters
Based on the example I also had to add the "Authorization" header in cors.allowed.headers, and in a Production environment I wouldn't leave cors.allowed.origins as a wildcard - restrict that to only the server running your REST application. You may wish to add the DELETE and PATCH methods in order to use those APIs.
I'd still prefer it if I could configure this only for the REST API endpoints, rather than Tomcat as a whole. Our applications server are still fronted by Apache which I could do more advanced config in, but Blackboard supports the Tomcat-only approach.