Crosswalk is a web runtime that allows you to embed a Chromium-based web view into your Android application. OKHttp is a popular HTTP client for Android. When using Crosswalk and OKHttp together, you might encounter Cross-Origin Resource Sharing (CORS) issues if the web content loaded in Crosswalk makes requests to a different domain than the one hosting your Android application.

To address CORS issues when using Crosswalk and OKHttp, you need to configure the server to allow Cross-Origin requests and also handle any CORS-related headers in your Android application. Here's how you can do it:

  1. Server-side Configuration: Configure the server that serves the web content to include the appropriate CORS headers. The main headers you'll need to set are Access-Control-Allow-Origin, Access-Control-Allow-Methods, and Access-Control-Allow-Headers. For example, to allow requests from any origin and support common HTTP methods and headers, you can set the following headers in your server response:

    Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS Access-Control-Allow-Headers: Authorization, Content-Type

    Make sure to adjust the Access-Control-Allow-Origin header to the actual origin of your Android application if you don't want to allow requests from any origin.

  2. OKHttp Interceptor: In your Android application, you can use OKHttp's interceptor to add the necessary CORS headers to the outgoing HTTP requests made by OKHttp. Create a custom OKHttp interceptor to add the CORS headers:

    import; import okhttp3.Interceptor; import okhttp3.Request; import okhttp3.Response; public class CorsInterceptor implements Interceptor { @Override public Response intercept(Chain chain) throws IOException { Request originalRequest = chain.request(); Request.Builder requestBuilder = originalRequest.newBuilder() .header("Origin", ""); // Replace with your server domain Request newRequest =; return chain.proceed(newRequest); } }

    Then, when you create your OKHttp client, add the CorsInterceptor as an interceptor:

    import okhttp3.OkHttpClient; // ... OkHttpClient client = new OkHttpClient.Builder() .addInterceptor(new CorsInterceptor()) .build();

    The interceptor will add the Origin header to every request made by OKHttp, which is important for handling preflight (OPTIONS) requests in CORS.

  3. Crosswalk Configuration: With Crosswalk, you will need to configure the web view to allow Cross-Origin requests. You can enable Cross-Origin requests by creating a CrosswalkPreferences object and setting the appropriate preferences. Here's an example:

    import org.xwalk.core.XWalkPreferences; import org.xwalk.core.XWalkView; // ... XWalkView xWalkView = findViewById(; XWalkPreferences.setValue(XWalkPreferences.ALLOW_UNIVERSAL_ACCESS_FROM_FILE, true);

    The above code allows Cross-Origin requests in Crosswalk. Make sure to set any other preferences that are required for your use case.

By configuring your server to include the necessary CORS headers and adding the CorsInterceptor to your OKHttp client, you should be able to handle CORS issues when using Crosswalk and OKHttp in your Android application. Remember to adjust the headers and interceptor to match your specific server and CORS requirements.

Have questions or queries?
Get in Touch