请求的资源上没有“ Access-Control-Allow-Origin”标头-Resteasy [英] No 'Access-Control-Allow-Origin' header is present on the requested resource - Resteasy
问题描述
我正在开发一个包含UI-Angular,Server-Java,RestEasy 3.0.9的Web应用程序.Final可以进行其余的api调用
I am working on a webapplication comprises UI-Angular , Server-Java , RestEasy 3.0.9.Final for rest api calls
当我尝试访问其余部分时来自另一个域的服务变得低于错误
When i tried to access the rest service from another domain am getting below error
无法加载对预检请求的响应未通过访问控制检查:否 Access-Control-Allow-Origin标头出现在请求的资源上。因此,不允许访问来源' http:// localhost:8080 。
CANNOT LOAD Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access.
我将服务器端配置为响应跨域调用,这正在使用GET调用,但POST调用正在创建错误
I configured my server side to respond with the cross domain calls and this is working with the GET Call but POST Call is creating ERROR
web.xml
<context-param>
<param-name>resteasy.providers</param-name>
<param-value>com.test.sample.app.CorsFeature</param-value>
</context-param>
<listener>
<listener-class>
org.jboss.resteasy.plugins.server.servlet.ResteasyBootstrap</listener-class>
</listener>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<servlet>
<servlet-name>resteasy-servlet</servlet-name>
<servlet-class>
org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher</servlet-class>
<init-param>
<param-name>javax.ws.rs.Application</param-name>
<param-value>com.test.sample.app.Application</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>resteasy-servlet</servlet-name>
<url-pattern>/rest/*</url-pattern>
</servlet-mapping>
<context-param>
<param-name>resteasy.servlet.mapping.prefix</param-name>
<param-value>/rest</param-value>
</context-param>
<context-param>
<param-name>resteasy.scan</param-name>
<param-value>true</param-value>
</context-param>
服务等级
@GET
@Path("/getnameAtt")
@Produces(MediaType.APPLICATION_JSON)
public Response getHostnameAttributes() {
return Response
.status(200)
.header("Access-Control-Allow-Origin", "*")
.header("Access-Control-Allow-Headers",
"origin, content-type, accept, authorization")
.header("Access-Control-Allow-Credentials", "true")
.header("Access-Control-Allow-Methods",
"GET, POST, PUT, DELETE, OPTIONS, HEAD")
.header("Access-Control-Max-Age", "1209600")
.entity(new TestImpl().getHostNameAttributes())
.build();
}
@POST
@Path("/getSeq")
@Produces(MediaType.APPLICATION_JSON)
public Response getCurrentSequence(String request) {
return Response
.status(200)
.header("Access-Control-Allow-Origin", "*")
.header("Access-Control-Allow-Headers",
"origin, content-type, accept, authorization")
.header("Access-Control-Allow-Credentials", "true")
.header("Access-Control-Allow-Methods",
"GET, POST, PUT, DELETE, OPTIONS, HEAD")
.header("Access-Control-Max-Age", "1209600")
.entity(new TestImpl().getCurrentSeq(request))
.build();
}
由于我是resteasy的新手,所以无法弄清楚为什么这不起作用。
任何帮助将不胜感激。等待您的答复。
Since i am new to resteasy not able to figure out why this was not working. Any help would be greatly appreciated . Waiting for your response.
谢谢
推荐答案
您的资源方法赢得了不会被击中,因此它们的标题永远不会被设置。原因是实际请求之前有一个所谓的预检请求,这是一个 OPTIONS 请求。因此,错误来自以下事实:预检请求未生成必要的标头。
Your resource methods won't get hit, so their headers will never get set. The reason is that there is what's called a preflight request before the actual request, which is an OPTIONS request. So the error comes from the fact that the preflight request doesn't produce the necessary headers.
对于RESTeasy,您应该使用 CorsFilter 。您可以在此处中查看如何配置它的示例。该过滤器将处理预检请求。因此,您可以删除资源方法中所有的标头。
For RESTeasy, you should use CorsFilter. You can see here for some example how to configure it. This filter will handle the preflight request. So you can remove all those headers you have in your resource methods.
另请参见:
- HTTP access control (CORS)
这篇关于请求的资源上没有“ Access-Control-Allow-Origin”标头-Resteasy的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
