Hi,

trying to add CORS, to the Server (using RestEasy), I did this:

https://github.com/aerogear/aerogear-unified-push-server/commit/7ccb2e7fb

(and some more variations.... (e.g. see the comment out "Access-Control-Allow-Origin", where I am returing the EXACT Origin))

Here is a JavaScript sample:

http://jsfiddle.net/JY6n4/

Just click on the "Register a device" button, and see the errors in the console....

So, I am always (with the above jsFiddle) getting:

Origin http://fiddle.jshell.net is not allowed by Access-Control-Allow-Origin.

regardless if I use "*" or "http://fiddle.jshell.net" (explicit Origin), on the "Access-Control-Allow-Origin". I always thought that "*" is a wildcard.... allowing everybody and their mother to access the server.

BTW.

This happens with jQuery _and_ vanilla.js (XHR)..... So....... I am really overasked, but ... is it possible that the response is correct (at least the setup / my src), but that RestEasy has any problems with that stuff ??

A few more eyes are highly appreciated on this "issue".

thanks!!

Matthias

--
Matthias Wessendorf

blog: http://matthiaswessendorf.wordpress.com/
sessions: http://www.slideshare.net/mwessendorf
twitter: http://twitter.com/mwessendorf