1. 云图网首页
  2. 技术专区
  3. 编程笔记

Java跨域设置详解编程语言

编程笔记

Access-Control-Allow-Origin 为允许哪些Origin发起跨域请求. 这里设置为”*”表示允许所有,通常设置为所有并不安全,最好指定一下。 
Access-Control-Allow-Methods 为允许请求的方法. 
Access-Control-Max-Age 表明在多少秒内,不需要再发送预检验请求,可以缓存该结果 
Access-Control-Allow-Headers 表明它允许跨域请求包含content-type头,这里设置的x-requested-with ,表示ajax请求

<filter> 
        <filter-name>CrossOrigin</filter-name> 
        <filter-class>org.digdata.swustoj.filter.CrossOriginFilter</filter-class> 
         <init-param> 
            <param-name>AccessControlAllowOrigin</param-name> 
            <param-value>*</param-value> 
        </init-param> 
        <init-param> 
            <param-name>AccessControlAllowMethods</param-name> 
            <param-value>POST, GET, DELETE, PUT</param-value> 
        </init-param> 
        <init-param> 
            <param-name>AccessControlMaxAge</param-name> 
            <param-value>3628800</param-value> 
        </init-param> 
        <init-param> 
            <param-name>AccessControlAllowHeaders</param-name> 
            <param-value>x-requested-with</param-value> 
        </init-param> 
    </filter> 
    <filter-mapping> 
        <filter-name>CrossOrigin</filter-name> 
        <url-pattern>/*</url-pattern> 
    </filter-mapping>
package org.digdata.swustoj.filter; 
 
import java.io.IOException; 
 
import javax.servlet.Filter; 
import javax.servlet.FilterChain; 
import javax.servlet.FilterConfig; 
import javax.servlet.ServletException; 
import javax.servlet.ServletRequest; 
import javax.servlet.ServletResponse; 
import javax.servlet.http.HttpServletResponse; 
 
/** 
 *  
 * @author wwhhf 
 * @since 2016年5月30日 
 * @comment 跨域过滤器 
 */ 
public class CrossOriginFilter implements Filter { 
 
    private FilterConfig config = null; 
 
    @Override 
    public void init(FilterConfig config) throws ServletException { 
        this.config = config; 
    } 
 
    @Override 
    public void destroy() { 
        this.config = null; 
    } 
 
    /** 
     *  
     * @author wwhhf 
     * @since 2016/5/30 
     * @comment 跨域的设置 
     */ 
    @Override 
    public void doFilter(ServletRequest request, ServletResponse response, 
            FilterChain chain) throws IOException, ServletException { 
        HttpServletResponse httpResponse = (HttpServletResponse) response; 
        // 表明它允许"http://xxx"发起跨域请求 
        httpResponse.setHeader("Access-Control-Allow-Origin", 
                config.getInitParameter("AccessControlAllowOrigin")); 
        // 表明在xxx秒内,不需要再发送预检验请求,可以缓存该结果 
        httpResponse.setHeader("Access-Control-Allow-Methods", 
                config.getInitParameter("AccessControlAllowMethods")); 
        // 表明它允许xxx的外域请求 
        httpResponse.setHeader("Access-Control-Max-Age", 
                config.getInitParameter("AccessControlMaxAge")); 
        // 表明它允许跨域请求包含xxx头 
        httpResponse.setHeader("Access-Control-Allow-Headers", 
                config.getInitParameter("AccessControlAllowHeaders")); 
        chain.doFilter(request, response); 
    } 
 
}

原创文章,作者:ItWorker,如若转载,请注明出处:https://blog.ytso.com/19457.html

(0)
0
上一篇 2021年7月19日
下一篇 2021年7月19日

相关推荐

发表回复

登录后才能评论