Enabling CORS

In order to allow Cross-Origin Resource Sharing (CORS), you can either use the filter that ships with your WebServer, install the Atmosphere interceptor called CorsInterceptor or write your own like below.

To learn more about filters in general, this Oracle tutorial about the essentials of filters is worth reading.

public class CorsFilter implements Filter{
    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) 
            throws IOException, ServletException {      
        HttpServletRequest req = (HttpServletRequest)request;                                   
        HttpServletResponse res = (HttpServletResponse)response;  

        if(req.getHeader("Origin") != null){
            res.addHeader("Access-Control-Allow-Origin", "*");
            res.addHeader("Access-Control-Expose-Headers", "
              X-Cache-Date, X-Atmosphere-tracking-id");
        }

        if("OPTIONS".equals(req.getMethod())){
            res.addHeader("Access-Control-Allow-Methods", "OPTIONS, GET, POST");
            res.addHeader("Access-Control-Allow-Headers",
                    "Origin, Content-Type, X-Atmosphere-Framework, 
                     X-Cache-Date, X-Atmosphere-tracking-id, X-Atmosphere-Transport");
            res.addHeader("Access-Control-Max-Age", "-1");
        }                                              
        chain.doFilter(req, res);
    }

    @Override
    public void destroy() { }
   
    @Override
    public void init(FilterConfig filterConfig) throws ServletException { }   
} 

To activate the CORS filter, assign it to your servlet in the web application deployment descriptor:

    <filter>
        <filter-name>CORS Filter</filter-name>
        <filter-class>com.example.CorsFilter</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>CORS Filter</filter-name>
        <servlet-name>AtmosphereServlet</servlet-name>
    </filter-mapping>  
    <servlet>
        <servlet-name>AtmosphereServlet</servlet-name>
        <servlet-class>org.atmosphere.cpr.AtmosphereServlet</servlet-class>
    </servlet>
    <servlet-mapping>
        <servlet-name>AtmosphereServlet</servlet-name>
        <url-pattern>/*</url-pattern>
    </servlet-mapping>

On atmosphere.js side, make sure you configure the enableXDR to true:

  AtmosphereRequest request = new $.atmosphere.AtmosphereRequest();
  request.enableXDR = true;
  request.readResponsesHeaders = false; // Atmosphere 1.0.x only

Search the mailing list as well for proxies information.