The best way to deal with CORS issues with Swagger UI

You can set up a CORS filter in your application's web.xml or in Tomcat's web.xml, like this:

     
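    <filter>
      <filter-name>CorsFilter</filter-name>
      <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
    </filter>
    <filter-mapping>
      <filter-name>CorsFilter</filter-name>
      <url-pattern>/*</url-pattern>
    </filter-mapping>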
     
  

However,

1. This makes your system insecure, especially on a PROD site, where you don't want someone invoking your RESTful services with Swagger UI.

2. Swagger UI's JavaScript may still hit CORS bugs even after you have set up the CORS filter, since http://petstore.swagger.io/ doesn't have the same origin as your RESTful services.

The best practice is:

Don't set up CORS. Instead, set up a Swagger UI static site on the same origin as your RESTful services, on your local machine and test server, but not on the PROD server.

1. PROD will be safe.

2. Both the domain name and the port should be the same as those of your RESTful services.

3. You can easily set this up with Apache httpd.
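
One way to do step 3, as an added example that is not from the original post: a single Apache httpd virtual host serves the Swagger UI static files and reverse-proxies the REST services, so the browser sees one scheme, host and port and no CorsFilter is needed. The host name, the `/swagger-ui` and `/api` paths, the file location, the Tomcat address and the IP range are all assumptions to replace with your own.

```apache
# Added example: vhost for a local machine or test server only, not for PROD.
# Requires mod_alias, mod_proxy and mod_proxy_http to be loaded.
<VirtualHost *:80>
    # Assumed host name of the test server
    ServerName api-test.example.internal

    # Swagger UI static files; assumed location of the unpacked
    # swagger-ui "dist" folder
    Alias "/swagger-ui" "/var/www/swagger-ui"
    <Directory "/var/www/swagger-ui">
        Options -Indexes
        AllowOverride None
        # Assumed internal address range allowed to load the UI
        Require ip 10.0.0.0/8
    </Directory>

    # REST services running on Tomcat; assumed to listen on
    # localhost:8080 under the /api context path
    ProxyRequests Off
    ProxyPass        "/api" "http://localhost:8080/api"
    ProxyPassReverse "/api" "http://localhost:8080/api"
</VirtualHost>
```

With this layout Swagger UI is opened at `/swagger-ui/` and pointed at an API definition under `/api` on the same host, so its requests are same-origin and the CorsFilter mapping can be left out of web.xml.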
