Java跨域

使用Filter處理跨域

  1. 創(chuàng)建Filter
public class CorsFilter implements Filter {
    private String allowedOrigins = "*";
    private String allowedMethods = "GET, POST";
    private String allowedHeaders = "*";
    private String exposedHeaders = "";
    private String allowCredentials = "false";
    private String maxAge = "1800";


    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        if (filterConfig.getInitParameter("allowedOrigins") != null) {
            allowedOrigins = filterConfig.getInitParameter("allowedOrigins");
        }

        if (filterConfig.getInitParameter("allowedMethods") != null) {
            allowedMethods = filterConfig.getInitParameter("allowedMethods");
        }

        if (filterConfig.getInitParameter("allowedHeaders") != null) {
            allowedHeaders = filterConfig.getInitParameter("allowedHeaders");
        }

        if (filterConfig.getInitParameter("exposedHeaders") != null) {
            exposedHeaders = filterConfig.getInitParameter("exposedHeaders");
        }

        if (filterConfig.getInitParameter("allowCredentials") != null) {
            allowCredentials = filterConfig.getInitParameter("allowCredentials");
        }

        if (filterConfig.getInitParameter("maxAge") != null) {
            maxAge = filterConfig.getInitParameter("maxAge");
        }

    }

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
            throws IOException, ServletException {
        HttpServletResponse response = (HttpServletResponse) servletResponse;

        response.setHeader("Access-Control-Allow-Origin", this.allowedOrigins);
        response.setHeader("Access-Control-Allow-Methods", this.allowedMethods);
        response.setHeader("Access-Control-Allow-Headers", this.allowedHeaders);

        if (this.allowCredentials != null) {
            response.setHeader("Access-Control-Allow-Credentials", this.allowCredentials);
        }

        if (this.exposedHeaders != null) {
            response.setHeader("Access-Control-Expose-Headers", this.exposedHeaders);
        }

        if (this.maxAge != null) {
            response.setHeader("Access-Control-Max-Age", maxAge);
        }

        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;

        if (!httpServletRequest.getMethod().equals("OPTIONS")) {
            filterChain.doFilter(servletRequest, response);
        }
    }

    @Override
    public void destroy() {

    }
}
  1. 配置Web.xml

注意 Filter 的順序,請求應(yīng)該最先到達這個Filter

  <filter>
    <filter-name>corsFilter</filter-name>
    <filter-class>com.chuchujie.mall.gold.common.web.CorsFilter</filter-class>
    <init-param>
      <param-name>allowedMethods</param-name>
      <param-value>GET, POST, OPTIONS</param-value>
    </init-param>
    
    <init-param>
      <param-name>allowedHeaders</param-name>
      <param-value>token</param-value>
    </init-param>
  </filter>

  <filter-mapping>
    <filter-name>corsFilter</filter-name>
    <url-pattern>/api/*</url-pattern>
  </filter-mapping>
?著作權(quán)歸作者所有,轉(zhuǎn)載或內(nèi)容合作請聯(lián)系作者
【社區(qū)內(nèi)容提示】社區(qū)部分內(nèi)容疑似由AI輔助生成,瀏覽時請結(jié)合常識與多方信息審慎甄別。
平臺聲明:文章內(nèi)容(如有圖片或視頻亦包括在內(nèi))由作者上傳并發(fā)布,文章內(nèi)容僅代表作者本人觀點,簡書系信息發(fā)布平臺,僅提供信息存儲服務(wù)。

相關(guān)閱讀更多精彩內(nèi)容

友情鏈接更多精彩內(nèi)容