饭叔的知识整理

Java CORSFilter

跨域访问时加到header里,浏览器就不会拒绝了

  • 加web.xml里

       <!-- CORS filter-->
      <filter>
          <filter-name>CORSFilter</filter-name>
          <filter-class>com.company.filter.CORSFilter</filter-class> <!--CORSFilter 的JAVA完整包名 -->
      </filter>
      <filter-mapping>
          <filter-name>CORSFilter</filter-name>
          <url-pattern>/*</url-pattern>  <!-- 匹配哪些url要用 CORSFilter -->
      </filter-mapping>
    
  • CORSFilter.java

      package com.company.filter;
    
      import javax.servlet.*;
      import javax.servlet.http.HttpServletResponse;
      import java.io.IOException;
    
      /**
       * Created by fangjian on 14-11-7.
       */
      public class CORSFilter implements javax.servlet.Filter{
          public CORSFilter() { }
    
          public void init(FilterConfig fConfig) throws ServletException { }
    
          public void destroy() {    }
    
          public void doFilter(
                  ServletRequest request, ServletResponse response,
                  FilterChain chain) throws IOException, ServletException {
    
              ((HttpServletResponse)response).addHeader(
                      "Access-Control-Allow-Origin", "*"
              );
               ((HttpServletResponse)response).addHeader(
                      "Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since"
              );
              ((HttpServletResponse)response).addHeader(
                      "Access-Control-Allow-Credentials", "true" // qwest.get(url, null, { withCredentials: true }); //允许跨域设置cookie
              );
              ((HttpServletResponse)response).addHeader(
                      "Access-Control-Allow-Methods", "GET, PUT, POST, DELETE, OPTIONS"
              );
              chain.doFilter(request, response);
          }
      }