将访问控制允许起源添加到Web服务
问题内容:
我有一个像这样的网络服务:
@Controller
@RequestMapping("/")
public class ApplicationController {
@RequestMapping(value="/Changes", method = RequestMethod.GET)
public String inspect(ModelMap model) {
model.addAttribute("msg", "example");
return "index";
}
}
在链接中: "localhost:8081/ChangesPDF/Changes?..."
我试图通过链接Alfresco获得此Web服务的响应"localhost:8080/share"。我现在有不同的端口(当我有相同的端口时,这很好用),因此,使用不同的端口,我会在Alfresco中看到错误:
跨域请求被阻止:同源策略禁止读取http://
localhost:8081 / ChangesPDF /
Changes
?…上的远程资源(原因:标头CORS’Access
-Control-Allow-Origin’丢失)。
如何添加此标头?
问题答案:
您应该添加一个过滤器,将“ Access-Control-Allow-Origin”设置为接受域“ localhost:8081”(全部为*)。
更多说明:
首先创建一个过滤器类
public class CorsFilter implements Filter {
private static final Logger log = Logger.getAnonymousLogger();
@Override
public void init(FilterConfig filterConfig) throws ServletException {}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletResponse response = (HttpServletResponse) servletResponse;
HttpServletRequest request = (HttpServletRequest) servletRequest;
// can be moved to properties
String[] allowDomain = {"localhost:8080","localhost:8081"};
String originHeader = request.getHeader("host");
for(String domian : allowDomain){
if(originHeader.endsWith(domian))
response.setHeader("Access-Control-Allow-Origin", originHeader);
break;
}
filterChain.doFilter(servletRequest, servletResponse);
}
@Override
public void destroy() {}
}
将映射添加到您的web.xml类
<filter>
<filter-name>cors</filter-name>
<filter-class>full name of your filter class here</filter-class>
</filter>
<filter-mapping>
<filter-name>cors</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
您应该根据需要在web.xml配置中正确定义URL模式
