Tomcat CORS过滤器 [英] Tomcat CORS filter
问题描述
我要启用tomcat CORS过滤器,我将其添加到web.xml中:
< filter>
< filter-name> CorsFilter< / filter-name>
< filter-class> org.apache.catalina.filters.CorsFilter< / filter-class>
< / filter>
< filter-mapping>
< filter-name> CorsFilter< / filter-name>
< url-pattern> / *< / url-pattern>
< / filter-mapping>
但它不工作。
我尝试使用自定义过滤器:
< filter>
< filter-name> SimpleCORSFilter< / filter-name>
< filter-class> com.common.SimpleCORSFilter< / filter-class>
< / filter>
< filter-mapping>
< filter-name> SimpleCORSFilter< / filter-name>
< url-pattern> / *< / url-pattern>
< / filter-mapping>
使用此类别:
public class SimpleCORSFilter implements Filter {
public void doFilter(ServletRequest req,ServletResponse res,FilterChain chain)throws IOException,ServletException {
HttpServletResponse response =(HttpServletResponse)res ;
response.setHeader(Access-Control-Allow-Origin,*);
response.setHeader(Access-Control-Allow-Methods,POST,GET,OPTIONS,DELETE);
response.setHeader(Access-Control-Max-Age,3600);
response.setHeader(Access-Control-Allow-Headers,x-requested-with);
chain.doFilter(req,res);
}
}
这个工作很好,你能告诉我为什么吗?
我不知道它是否重要,但我是usign Spring框架。
href =http://tomcat.apache.org/tomcat-7.0-doc/config/filter.html#CORS_Filter =nofollow noreferrer> org.apache.catalina.filters .CorsFilter
在请求中首先找到一个标头: Origin
。如果此标头不存在,则过滤器不会在响应中添加任何标头。
此外,在 POST
请求中,查找 Content-Type
。其他方法也会发生类似的情况。您可以查看代码。换句话说,有一个流程图: / p>
I want to enable tomcat CORS filter, i added this to web.xml:
<filter>
<filter-name>CorsFilter</filter-name>
<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CorsFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
But it doesn't work. I tried with a custom filter:
<filter>
<filter-name>SimpleCORSFilter</filter-name>
<filter-class>com.common.SimpleCORSFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>SimpleCORSFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
With this Class:
public class SimpleCORSFilter implements Filter {
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
HttpServletResponse response = (HttpServletResponse) res;
response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "x-requested-with");
chain.doFilter(req, res);
}
}
And this well works, can you tell me why? I don't know if it is important but I'm usign Spring Framework.
The filter org.apache.catalina.filters.CorsFilter
seek first a header in the request: Origin
. If this header does not exist, the filter does not add any header in the response. Perhaps for that reason does not work.
Additionally, in a POST
request, look for the header Content-Type
. Something similar happens to other methods. May you want to see the code of this filter. In another way, there is a flowchart:
这篇关于Tomcat CORS过滤器的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!