跨域访问时加到header里,浏览器就不会拒绝了
加web.xml里
<!-- CORS filter-->
<filter>
<filter-name>CORSFilter</filter-name>
<filter-class>com.company.filter.CORSFilter</filter-class> <!--CORSFilter 的JAVA完整包名 -->
</filter>
<filter-mapping>
<filter-name>CORSFilter</filter-name>
<url-pattern>/*</url-pattern> <!-- 匹配哪些url要用 CORSFilter -->
</filter-mapping>
CORSFilter.java
package com.company.filter;
import javax.servlet.*;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
/**
* Created by fangjian on 14-11-7.
*/
public class CORSFilter implements javax.servlet.Filter{
public CORSFilter() { }
public void init(FilterConfig fConfig) throws ServletException { }
public void destroy() { }
public void doFilter(
ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
((HttpServletResponse)response).addHeader(
"Access-Control-Allow-Origin", "*"
);
((HttpServletResponse)response).addHeader(
"Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since"
);
((HttpServletResponse)response).addHeader(
"Access-Control-Allow-Credentials", "true" // qwest.get(url, null, { withCredentials: true }); //允许跨域设置cookie
);
((HttpServletResponse)response).addHeader(
"Access-Control-Allow-Methods", "GET, PUT, POST, DELETE, OPTIONS"
);
chain.doFilter(request, response);
}
}