GlassFish:如何设置Access-Control-Allow-Origin标题 [英] GlassFish: How to set Access-Control-Allow-Origin header
问题描述
我正在使用最新版本的GlassFish。我想在响应中设置Access-Control-Allow-Origin标头,以便可以从任何域调用托管在GlassFish上的API。但我无法找到将它设置在哪里。
在我的情况中,API请求由Jersey独占处理,因此我可以在 ContainerResponseFilter
中设置响应头文件:
package my 。应用程序;
import com.sun.jersey.spi.container.ContainerRequest;
import com.sun.jersey.spi.container.ContainerResponse;
import com.sun.jersey.spi.container.ContainerResponseFilter;
public class CrossOriginResourceSharingFilter implements ContainerResponseFilter {
$ b @Override
public ContainerResponse过滤器(ContainerRequest creq,ContainerResponse cresp){
cresp.getHttpHeaders ().putSingle(Access-Control-Allow-Origin,*);
cresp.getHttpHeaders()。putSingle(Access-Control-Allow-Credentials,true);
cresp.getHttpHeaders()。putSingle(Access-Control-Allow-Methods,GET,POST,DELETE,PUT);
cresp.getHttpHeaders()。putSingle(Access-Control-Allow-Headers,Content-Type,Accept);
返回cresp;
在web.xml中启用过滤器:
< servlet>
< servlet-name>网关Servlet< / servlet-name>
< servlet-class> com.sun.jersey.spi.container.servlet.ServletContainer< / servlet-class>
< init-param>
< param-name> com.sun.jersey.spi.container.ContainerResponseFilters< / param-name>
< param-value> my.app.CrossOriginResourceSharingFilter< / param-value>
< / init-param>
1< / load-on-startup>
< / servlet>
如果你不使用Jersey,我想你可以创建一个类似的servlet响应过滤器。 p>
I am using the latest version of GlassFish. I want to set the Access-Control-Allow-Origin header in response so that my API which is hosted on GlassFish can be called from any domain. But I am not able to find out where to set it.
In my case, the API requests are exclusively handled by Jersey, therefore I can set response headers in a ContainerResponseFilter
:
package my.app;
import com.sun.jersey.spi.container.ContainerRequest;
import com.sun.jersey.spi.container.ContainerResponse;
import com.sun.jersey.spi.container.ContainerResponseFilter;
public class CrossOriginResourceSharingFilter implements ContainerResponseFilter {
@Override
public ContainerResponse filter(ContainerRequest creq, ContainerResponse cresp) {
cresp.getHttpHeaders().putSingle("Access-Control-Allow-Origin", "*");
cresp.getHttpHeaders().putSingle("Access-Control-Allow-Credentials", "true");
cresp.getHttpHeaders().putSingle("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT");
cresp.getHttpHeaders().putSingle("Access-Control-Allow-Headers", "Content-Type, Accept");
return cresp;
}
}
The filter gets enabled in web.xml:
<servlet>
<servlet-name>Gateway Servlet</servlet-name>
<servlet-class>com.sun.jersey.spi.container.servlet.ServletContainer</servlet-class>
<init-param>
<param-name>com.sun.jersey.spi.container.ContainerResponseFilters</param-name>
<param-value>my.app.CrossOriginResourceSharingFilter</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
If you don't use Jersey, I guess you can create a similar servlet response filter.
这篇关于GlassFish:如何设置Access-Control-Allow-Origin标题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!