Play Framework 2.3 - CORS标题 [英] Play Framework 2.3 - CORS Headers
问题描述
更新新的Play 2.5提供了一个新的 CORS Filter
UPDATE the new Play 2.5 offers a new CORS Filter
当新的2.3 Java版本完成将Response类迁移到Promise类时,以下代码不再有效。
As the new 2.3 Java version finished the migration of the Response class to Promise class the following code no longer works.
public class CorsAction extends Action.Simple {
public Result call(Context context) throws Throwable{
Response response = context.response();
response.setHeader("Access-Control-Allow-Origin", "*");
//Handle preflight requests
if(context.request().method().equals("OPTIONS")) {
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content- Type, Accept, Authorization, X-Auth-Token");
response.setHeader("Access-Control-Allow-Credentials", "true");
response.setHeader("Access-Control-Allow-Origin", "*");
return ok()
}
response.setHeader("Access-Control-Allow-Headers","X-Requested-With, Content-Type, X- Auth-Token");
return delegate.call(context);
}
}
我正在开发Play(Java)2.3中的应用程序我已经查看并尝试了不同的方法来启用CORS - 包括向路径文件添加/ OPTIONS方法 - 但没有成功。
I am developing an application in Play (Java) 2.3 and I have looked and tried different methods to enable CORS -including adding /OPTIONS methods to the routes file- without success.
我非常欣赏有关新的如何响应实现将处理这种类型的拦截,因为在新的Promise类中实现时,它似乎不会在头文件中产生任何影响。
I would much appreciate some light on how the new Response implementation would handle this type of interception, because it seems not to have any effects in the headers when implemented in the new Promise class.
提前感谢所有帮助!!
Thanks in advance for all the help!!
推荐答案
通过以下方式解决:
所有来自的API服务器应包含标题:Access-Control-Allow-Origin,*。我们需要为所有操作响应编写一个包装器。
All API responses from the server should contain a header: "Access-Control-Allow-Origin", "*". We need to write a wrapper for all action responses.
在Global.java中
In Global.java
import java.net.URL;
import play.*;
import play.libs.F.Promise;
import play.mvc.Action;
import play.mvc.Http;
import play.mvc.Result;
public class Global extends GlobalSettings {
// For CORS
private class ActionWrapper extends Action.Simple {
public ActionWrapper(Action<?> action) {
this.delegate = action;
}
@Override
public Promise<Result> call(Http.Context ctx) throws java.lang.Throwable {
Promise<Result> result = this.delegate.call(ctx);
Http.Response response = ctx.response();
response.setHeader("Access-Control-Allow-Origin", "*");
return result;
}
}
@Override
public Action<?> onRequest(Http.Request request,
java.lang.reflect.Method actionMethod) {
return new ActionWrapper(super.onRequest(request, actionMethod));
}
}
POST,PUT等服务器请求在主要请求之前向服务器发出预检请求。这些预检请求的响应应包含以下标题:
Server requests like POST, PUT make a preflight request to the server before the main request. The response for these preflight requests should contain below headers:
Access-Control-Allow-Origin,
允许,
Access-Control-Allow-Methods,POST,GET,PUT,DELETE,OPTIONS
Access-Control-Allow-Headers,Origin,X-Requested -With,Content-Type,Accept,Referer,User-Agent
"Access-Control-Allow-Origin", "" "Allow", "" "Access-Control-Allow-Methods", "POST, GET, PUT, DELETE, OPTIONS" "Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, Referer, User-Agent"
在路线中添加:
OPTIONS /*all controllers.Application.preflight(all)
In应用程序Coltroller:
In Application Coltroller:
package controllers;
import play.mvc.*;
public class Application extends Controller {
public static Result preflight(String all) {
response().setHeader("Access-Control-Allow-Origin", "*");
response().setHeader("Allow", "*");
response().setHeader("Access-Control-Allow-Methods", "POST, GET, PUT, DELETE, OPTIONS");
response().setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, Referer, User-Agent");
return ok();
}
}
PS:通过这种方法我做了不必为此创建一个scala过滤器。
PS: By this approach I did not have to create a scala filter for this.
这篇关于Play Framework 2.3 - CORS标题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
