The Java CORS Filter for adding Cross-Origin Resource Sharing to existing web apps received an important update to permit any URI scheme, not just the ubiquitous http:// and https:// as originally supported. This change is in line with RFC 6454 which defines the concept of web origins.
This means that now you can also service CORS requests for “custom” schemes as app://, fb:// , etc.
The new CORS Filter release should reach Maven Central later today. You can also get it from the CORS Filter Git repo at Bitbucket.
Cheers to Edraí Brosa for initiating this important change!