The interactive shell for querying remote JSON-RPC 2.0 web services received a new feature in line with the recent release of CORS Filter 1.0 – there is now a command line option to set an “Origin” header to simulate cross-origin browser requests. For those of you who still don’t know, Cross-Origin Resource Sharing (CORS) is a recent W3C effort to introduce a standard mechanism for making cross-origin requests from browsers. CORS is now supported by Firefox 3.5+, IE 8, Safari 4+ and Chrome 3+.
The origin request header can be used by cross-site aware web servers to determine whether a particular HTTP request is CORS and what access policy to apply to it.
Here is an example “Origin” HTTP header which the browser inserts in cross-site XHR to indicate that the original web page/script is from
To set an “Origin” request header for a particular JsonRpc2 Shell session use the optional
-o, --origin argument:
java -jar jsonrpc2shell.jar -o http://example.com http://rpc-host.net:8080/jsonrpc2/
The latest version of the JSON-RPC 2.0 Shell is available at http://software.dzhuvinov.com/json-rpc-2.0-shell.html
The CORS W3C specification: http://www.w3.org/TR/cors/
The CORS Filter software is at http://software.dzhuvinov.com/cors-filter.html