Hammock's Web API provides some out of the box Servlet Filters for some reusable cross cutting concerns.

CORS

The CORS filter enables the standard CORS response headers to allow your application to be accessed from remote servers via JavaScript. It should be used only when you need it. By default, CORS is not enabled. To enable it, add the following properties to your application:

cors.enabled=true
cors.origin=
cors.headers=origin, content-type, accept, authorization
cors.credentials=true
cors.methods=GET, POST, PUT, DELETE, OPTIONS, HEAD
cors.maxAge=1209600

Customize these values as appropriate to your application to support CORS from domains you expect.

Static Resources

Static Resource serving is provided as another filter. This filter will look for assets within your archive to be served. By default they will be loaded from META-INF/resources, but can be overridden by setting static.resource.location to some other value.