帶cookie的跨域2

帶cookie的跨域2


1、Access-Control-Allow-Origin:具體URL


(1)Access-Control-Allow-Origin設置具體的URL,只能解決設置的具體URL跨域問題,不解決帶Cookie的所有URL跨域請求

設置具體跨域URL

CrossFilter代碼:

@Override

??? public void doFilter(ServletRequestservletRequest, ServletResponse servletResponse, FilterChain filterChain)throws IOException, ServletException {

??????? HttpServletResponse res =(HttpServletResponse) servletResponse;

??????? HttpServletRequest req =(HttpServletRequest) servletRequest;

??????? String origin =req.getHeader("Origin");

??????? //帶cookie請求,origin必須全匹配

//???????res.addHeader("Access-Control-Allow-Origin",origin);

???????res.addHeader("Access-Control-Allow-Origin","http://localhost:8082");

//???????res.addHeader("Access-Control-Allow-Methods","GET");

??????? // *號表示支持所有的域名(除了帶cookie請求外)

//???????res.addHeader("Access-Control-Allow-Origin","*");

??????? // *號表示支持所有的請求方法

???????res.addHeader("Access-Control-Allow-Methods","*");

???????res.addHeader("Access-Control-Allow-Headers","Content-Type");

??????? //設置OPTIONS預檢命令緩存

???????res.addHeader("Access-Control-Max-Age", "60000");

??????? //允許帶cookie請求跨域

??????? res.addHeader("Access-Control-Allow-Credentials","true");


??????? filterChain.doFilter(servletRequest,servletResponse);

??? }

(2)只有http://localhost:8082訪問才能跨域,如果是http://127.0.0.1:8082訪問,就不滿足跨域

http://localhost:8082訪問能跨域


http://127.0.0.1:8082訪問不能跨域


2、修改后臺代碼,獲取請求Header中Origin


設置所有URL都能跨域

CrossFilter代碼:

???@Override

???public void doFilter(ServletRequest servletRequest, ServletResponseservletResponse, FilterChain filterChain) throws IOException, ServletException{

???????HttpServletResponse res = (HttpServletResponse) servletResponse;

???????HttpServletRequest req = (HttpServletRequest) servletRequest;

???????Stringorigin = req.getHeader("Origin");

???????//帶cookie請求,origin必須全匹配

???????res.addHeader("Access-Control-Allow-Origin",origin);

//???????res.addHeader("Access-Control-Allow-Origin","http://localhost:8082");

//???????res.addHeader("Access-Control-Allow-Methods","GET");

???????// *號表示支持所有的域名(除了帶cookie請求外)

//???????res.addHeader("Access-Control-Allow-Origin","*");

???????// *號表示支持所有的請求方法

???????res.addHeader("Access-Control-Allow-Methods","*");

???? ???res.addHeader("Access-Control-Allow-Headers","Content-Type");

???????//設置OPTIONS預檢命令緩存

???????res.addHeader("Access-Control-Max-Age", "60000");

???????//允許帶cookie請求跨域

???????res.addHeader("Access-Control-Allow-Credentials","true");


???????filterChain.doFilter(servletRequest, servletResponse);

}

http://localhost:8082訪問能跨域,http://127.0.0.1:8082訪問也能跨域

http://localhost:8082訪問能跨域


http://127.0.0.1:8082訪問能跨域
?著作權歸作者所有,轉載或內容合作請聯(lián)系作者
【社區(qū)內容提示】社區(qū)部分內容疑似由AI輔助生成,瀏覽時請結合常識與多方信息審慎甄別。
平臺聲明:文章內容(如有圖片或視頻亦包括在內)由作者上傳并發(fā)布,文章內容僅代表作者本人觀點,簡書系信息發(fā)布平臺,僅提供信息存儲服務。

相關閱讀更多精彩內容

  • 帶cookie的跨域1 1、Access-Control-Allow-Origin:*解決不了帶Cookie的跨域...
    喬喬養(yǎng)的瀧大胖閱讀 475評論 0 0
  • AJAX跨域產生的原因? 1、瀏覽器限制 2、XHR(XMLHttpRequest)請求 3、跨域(域名不同、端口...
    BraveHeartLi閱讀 4,568評論 0 0
  • 隨著軟件開發(fā)分工趨于精細,前后端開發(fā)分離成為趨勢,前端同事負責前端頁面的展示及頁面邏輯處理,服務端同事負責業(yè)務邏輯...
    lueyoo閱讀 382評論 0 0
  • 大背景:前后端分離后,項目分開部署,域名不一致,ajax請求時需要解決跨域問題。 服務端支持跨域方案: 1、spr...
    songwl閱讀 1,453評論 1 2

友情鏈接更多精彩內容