在Tomcat 8.0.30上启用CORS [英] Enable CORS on Tomcat 8.0.30

问题描述

感谢任何帮助。

我在新部署的Tomcat 8.0.30上遇到CORS问题。我不断收到以下错误。我使用127.0.0.1作为API服务器地址，而192.168.1.100是我的HTTP服务器地址。

否'访问控制-Allow-Origin'标头出现在请求的资源上。因此，不允许访问来源 _http：//192.168.1.100：8999。响应的HTTP状态代码为403。

通读整个Tomcat文档，并在tomcat web.xml下添加了cors过滤器与项目web.xml一样，但这里没有发生任何魔术，仍然出现相同的错误。使用init-param尝试了最小和高级，同样的错误。

我正在使用Spring 4作为我的其余api框架。需要在项目编码部分进行其他配置吗？

到目前为止，我已经完成以下步骤：

• 在web.xml下添加cors过滤器，根据文档的最小配置，不起作用


• 在web.xml下添加cors过滤器，完整配置，而不是


• 试图使用
  
  
  

  ---

  
  
  

  添加web.xml配置
  我尝试将cors.allowed.origins更改为*，更改为127.0.0.1,192.168.1.100，全部不起作用，
  删除凭据并最大化

   < filter> 
  < filter-name> CorsFilter< / filter-name> 
  < filter-class> org.apache.catalina.filters.CorsFilter< / filter-class> 
  < init-param> 
  < param-name> cors.allowed.origins< / param-name> 
  < param-value> http：//192.168.1.100< / param-value> 
  < / init-param> 
  < init-param> 
  < param-name> cors.allowed.methods< / param-name> 
  < param-value> GET，POST，HEAD，OPTIONS，PUT< / param-value> 
  < / init-param> 
  < init-param> 
  < param-name> cors.allowed.headers< / param-name> 
  <参数值>内容类型，X-请求的对象，接受，来源，访问控制请求方法，访问控制请求头，授权< /参数值> 
  < / init-param> 
  < init-param> 
  < param-name> cors.exposed.headers< / param-name> 
  < param-value>访问控制允许凭据，访问控制允许凭据< / param-value> 
  < / init-param> 
  < / filter> 
  < filter-mapping> 
  < filter-name> CorsFilter< / filter-name> 
  < url-pattern> / *< / url-pattern> 
  < / filter-mapping> 
    

  
  
  

  ---

  
  
  

  Vishal建议，将Tomcat版本从8.0更改为8.5，仍然是同一问题

    XMLHttpRequest无法加载http://127.0.0.1:8080/leyutech-framework-gurunwanfeng/api/ ad / getAdInfoByAdType.html？adType = 0。所请求的资源上没有 Access-Control-Allow-Origin标头。因此，不允许访问来源 http://192.168.1.100:8080。响应的HTTP状态码为403。
    

  
  

  解决方案

  我已经使用自定义过滤器来解决此问题，我不知道为什么在我的情况下不能使用正式的tomcat cors过滤器，任何人都可以提出其背后的逻辑，我愿意尝试一下。

  
  
  

  Tobia的原始帖子

  
  
  

  通过上面的链接修改了代码。

    import java.io.IOException; 
   
   import javax.servlet.Filter; 
   import javax.servlet.FilterChain; 
   import javax.servlet.FilterConfig; 
   import javax.servlet.ServletException; 
   import javax.servlet.ServletRequest; 
   import javax.servlet.ServletResponse; 
   import javax.servlet.http.HttpServletResponse; 
   
  公共类SimpleCORSFilter实现了Filter {
   
   public void doFilter（ServletRequest req，ServletResponse res，FilterChain chain）引发IOException，ServletException {
   HttpServletResponse response =（HttpServletResponse） RES; 
   response.setHeader（ Access-Control-Allow-Origin， *）; 
   response.setHeader（ Access-Control-Allow-Methods， POST，GET，OPTIONS，DELETE）; 
   response.setHeader（ Access-Control-Max-Age， 3600）; 
   response.setHeader（ Access-Control-Allow-Headers， x-requested-with）; 
   chain.doFilter（req，res）; 
  } 
   
   public void destroy（）{
   // TODO自动生成的方法存根
   
  } 
   
   public void init（FilterConfig arg0）抛出ServletException {
   // TODO自动生成的方法存根
   
  } 
   
  } 
    

  当前项目下的web.xml配置

   <过滤器> 
  < filter-name> SimpleCORSFilter< / filter-name> 
  < filter-class> com.example.util.SimpleCORSFilter< / filter-class> 
  < / filter> 
  < filter-mapping> 
  < filter-name> SimpleCORSFilter< / filter-name> 
  < url-pattern> / *< / url-pattern> 
  < / filter-mapping> 
    

  
  

  Appreciate any help.

  I'm facing the problem with the CORS on my newly deployed Tomcat 8.0.30. I keep getting the error below. I am using 127.0.0.1 as the API server address and 192.168.1.100 is the address of my HTTP server.

  No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin '_http://192.168.1.100:8999' is therefore not allowed access. The response had HTTP status code 403.

  Read through whole Tomcat documentation, added the cors filter under the tomcat web.xml, as well as the project web.xml, but nothing magic happens here, still getting the same error. Tried both minimal and advanced with init-param, same error.

  I am using Spring 4 as my rest api framework. Any more configurations need to be done on the project coding part?

  Here are the steps I've done so far:

  • add cors filter under web.xml, mininal config according to documentation, not working
  • add cors filter under web.xml, full config, not working as well.
  • tried to use cors filter from http://software.dzhuvinov.com/cors-filter.html, still not working

  Any suggestions?

  ---

  Add the web.xml configuration I've tried to change cors.allowed.origins to *, to 127.0.0.1,192.168.1.100, all not working, remove credentials and maxage

  <filter>
    <filter-name>CorsFilter</filter-name>
    <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
    <init-param>
      <param-name>cors.allowed.origins</param-name>
      <param-value>http://192.168.1.100</param-value>
    </init-param>
    <init-param>
      <param-name>cors.allowed.methods</param-name>
      <param-value>GET,POST,HEAD,OPTIONS,PUT</param-value>
    </init-param>
    <init-param>
      <param-name>cors.allowed.headers</param-name>
      <param-value>Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization</param-value>
    </init-param>
    <init-param>
      <param-name>cors.exposed.headers</param-name>
      <param-value>Access-Control-Allow-Origin,Access-Control-Allow-Credentials</param-value>
    </init-param>
  </filter>
  <filter-mapping>
    <filter-name>CorsFilter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>
  

  ---

  Suggested by Vishal, changing tomcat version from 8.0 to 8.5, still same issue

   XMLHttpRequest cannot load http://127.0.0.1:8080/leyutech-framework-gurunwanfeng/api/ad/getAdInfoByAdType.html?adType=0. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://192.168.1.100:8080' is therefore not allowed access. The response had HTTP status code 403.
  

  解决方案

  I've used the custom filter to accomplish this issue, I have no idea why offical tomcat cors filter is not working in my case, Any one can suggest the logic behind this, I am willing to try this out.

  Original Post from Tobia

  The code is modified from the link above.

  import java.io.IOException;
  
  import javax.servlet.Filter;
  import javax.servlet.FilterChain;
  import javax.servlet.FilterConfig;
  import javax.servlet.ServletException;
  import javax.servlet.ServletRequest;
  import javax.servlet.ServletResponse;
  import javax.servlet.http.HttpServletResponse;
  
  public class SimpleCORSFilter implements Filter {
  
      public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
          HttpServletResponse response = (HttpServletResponse) res;
          response.setHeader("Access-Control-Allow-Origin", "*");
          response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
          response.setHeader("Access-Control-Max-Age", "3600");
          response.setHeader("Access-Control-Allow-Headers", "x-requested-with");
          chain.doFilter(req, res);
      }
  
      public void destroy() {
          // TODO Auto-generated method stub
  
      }
  
      public void init(FilterConfig arg0) throws ServletException {
          // TODO Auto-generated method stub
  
      }
  
  }
  

  web.xml configuration under current project

  <filter>
      <filter-name>SimpleCORSFilter</filter-name>
      <filter-class>com.example.util.SimpleCORSFilter</filter-class>
  </filter>
  <filter-mapping>
      <filter-name>SimpleCORSFilter</filter-name>
      <url-pattern>/*</url-pattern>
  </filter-mapping>
  

  这篇关于在Tomcat 8.0.30上启用CORS的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！