I have tested the URL separately and it’s returning results on the browser. So there’s something wrong in making the Ajax call that I am doing. Please let me know what could be the problem. Thanks
Thanks. The CORS handling would require enabling Access-Control-Allow-Credentials: true on the Apache server. Is it a good idea to enable it or are there any security related risks associated with it?
JBOSS is running on http://localhost:9090. I believe CORS handling would require enabling the credentials as I mentioned in my above post. I am wondering if it could be any kind of security risk?
Considering the acronym stands for Cross Origin Resource Sharing and it requires being explicitly enabled, I’m prone to think it must have some risk. At least for those that don’t understand the risk AFAIK it isn’t an “on or off” but there are various ways to “tune” it for only as much as is needed.