在Tomcat中设置CORS头 [英] Set CORS header in Tomcat
问题描述
我有一个由Tomcat托管的静态网站。
I had a static website hosted by Tomcat.
如何为我的网站设置标题: Access-Control-Allow-Origin :*
How to set a header for my site like:Access-Control-Allow-Origin: *
它们都是静态文件,而不是任何servlet应用程序。
They are all static file, not any servlet application.
推荐答案
如果它是一个静态网站,那么从Tomcat 7.0.41开始,你可以通过内置过滤器。
If it's a static site, then starting with Tomcat 7.0.41, you can easily control CORS behavior via a built-in filter.
很多事情你只需要编辑全局<并在 CATALINA_HOME / conf
中添加过滤器定义
Pretty much the only thing you have to do is edit the global web.xml
in CATALINA_HOME/conf
and add the filter definition:
<!-- ================== Built In Filter Definitions ===================== -->
...
<filter>
<filter-name>CorsFilter</filter-name>
<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CorsFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- ==================== Built In Filter Mappings ====================== -->
请注意,Firefox不喜欢 Access-Control-Allow-Origin: *
和具有凭证(Cookie)的请求: 响应时已授权的请求,服务器必须指定域,且不能使用通配符。
Be aware, though, that Firefox does not like Access-Control-Allow-Origin: *
and requests with credentials (cookies): when responding to a credentialed request, server must specify a domain, and cannot use wild carding.
这篇关于在Tomcat中设置CORS头的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!