Tomcat CORS过滤器 [英] Tomcat CORS filter

问题描述

我要启用tomcat CORS过滤器，我将其添加到web.xml中：

 < filter> 
< filter-name> CorsFilter< / filter-name> 
< filter-class> org.apache.catalina.filters.CorsFilter< / filter-class> 
< / filter> 
< filter-mapping> 
< filter-name> CorsFilter< / filter-name> 
< url-pattern> / *< / url-pattern> 
< / filter-mapping> 
  

但它不工作。
我尝试使用自定义过滤器：

 < filter> 
< filter-name> SimpleCORSFilter< / filter-name> 
< filter-class> com.common.SimpleCORSFilter< / filter-class> 
< / filter> 
< filter-mapping> 
< filter-name> SimpleCORSFilter< / filter-name> 
< url-pattern> / *< / url-pattern> 
< / filter-mapping> 
  

使用此类别：

  public class SimpleCORSFilter implements Filter {
 
 public void doFilter（ServletRequest req，ServletResponse res，FilterChain chain）throws IOException，ServletException {
 HttpServletResponse response =（HttpServletResponse）res ; 
 response.setHeader（Access-Control-Allow-Origin，*）; 
 response.setHeader（Access-Control-Allow-Methods，POST，GET，OPTIONS，DELETE）; 
 response.setHeader（Access-Control-Max-Age，3600）; 
 response.setHeader（Access-Control-Allow-Headers，x-requested-with）; 
 chain.doFilter（req，res）; 
} 
} 
  

这个工作很好，你能告诉我为什么吗？
我不知道它是否重要，但我是usign Spring框架。

解决方案

href =http://tomcat.apache.org/tomcat-7.0-doc/config/filter.html#CORS_Filter =nofollow noreferrer> org.apache.catalina.filters .CorsFilter 在请求中首先找到一个标头： Origin 。如果此标头不存在，则过滤器不会在响应中添加任何标头。

此外，在 POST 请求中，查找 Content-Type 。其他方法也会发生类似的情况。您可以查看代码。换句话说，有一个流程图： / p>

I want to enable tomcat CORS filter, i added this to web.xml:

<filter>
    <filter-name>CorsFilter</filter-name>
    <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
</filter>
<filter-mapping>
    <filter-name>CorsFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

But it doesn't work. I tried with a custom filter:

<filter>
    <filter-name>SimpleCORSFilter</filter-name>
    <filter-class>com.common.SimpleCORSFilter</filter-class>
</filter>
<filter-mapping>
    <filter-name>SimpleCORSFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

With this Class:

public class SimpleCORSFilter implements Filter {

    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
        HttpServletResponse response = (HttpServletResponse) res;
        response.setHeader("Access-Control-Allow-Origin", "*");
        response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
        response.setHeader("Access-Control-Max-Age", "3600");
        response.setHeader("Access-Control-Allow-Headers", "x-requested-with");
        chain.doFilter(req, res);
    }
}

And this well works, can you tell me why? I don't know if it is important but I'm usign Spring Framework.

解决方案

The filter org.apache.catalina.filters.CorsFilter seek first a header in the request: Origin. If this header does not exist, the filter does not add any header in the response. Perhaps for that reason does not work.

Additionally, in a POST request, look for the header Content-Type. Something similar happens to other methods. May you want to see the code of this filter. In another way, there is a flowchart:

这篇关于Tomcat CORS过滤器的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！