REST Request returns 403 code

I make a request to a new Rest method I wrote, receiving the following, even though requests to other methods succeed and CORS filter is included in the tomcat configuration. What could be the problem?

access to xmlhttprequest at ‘http://localhost:8080/engine-rest/process-instance/resume’ from origin ‘null’ has been blocked by cors policy: no ‘access-control-allow-origin’ header is present on the requested resource.

Hi @Dimitrios,

Do you make the request from the browser or an external client (postman)?
Could you provide the whole request, including Request and Response Headers?

Hi Martin,

I’m making the request from the browser. here are the request/response headers:

Screenshot_1

Does it have something to do with the POST method?

I see that you request header Origin is null when it should be http://localhost:8080. Usually, this should not happen as Origin is provided by the browser and cannot be changed programmatically.

Is the page that’s making this request also hosted on localhost:8080? Do you have any Plugins installed in chrome that might mess with the CORS headers?

I am not using any plugins. The web page is spawned from Jetbrains WebStorm. The request works when invoking the GET method, so I’m gonna stick with that for now.