GlassFish：如何设置Access-Control-Allow-Origin标题 [英] GlassFish: How to set Access-Control-Allow-Origin header

问题描述

我正在使用最新版本的GlassFish。我想在响应中设置Access-Control-Allow-Origin标头，以便可以从任何域调用托管在GlassFish上的API。但我无法找到将它设置在哪里。

解决方案

在我的情况中，API请求由Jersey独占处理，因此我可以在 ContainerResponseFilter 中设置响应头文件：

  package my 。应用程序; 
 
 import com.sun.jersey.spi.container.ContainerRequest; 
 import com.sun.jersey.spi.container.ContainerResponse; 
 import com.sun.jersey.spi.container.ContainerResponseFilter; 
 
 public class CrossOriginResourceSharingFilter implements ContainerResponseFilter {
 $ b @Override 
 public ContainerResponse过滤器（ContainerRequest creq，ContainerResponse cresp）{
 
 cresp.getHttpHeaders （）.putSingle（Access-Control-Allow-Origin，*）; 
 cresp.getHttpHeaders（）。putSingle（Access-Control-Allow-Credentials，true）; 
 cresp.getHttpHeaders（）。putSingle（Access-Control-Allow-Methods，GET，POST，DELETE，PUT）; 
 cresp.getHttpHeaders（）。putSingle（Access-Control-Allow-Headers，Content-Type，Accept）; 
 
返回cresp; 
 
 
  

在web.xml中启用过滤器：

 < servlet> 
< servlet-name>网关Servlet< / servlet-name> 
< servlet-class> com.sun.jersey.spi.container.servlet.ServletContainer< / servlet-class> 
< init-param> 
< param-name> com.sun.jersey.spi.container.ContainerResponseFilters< / param-name> 
< param-value> my.app.CrossOriginResourceSharingFilter< / param-value> 
< / init-param> 
  1< / load-on-startup> 
< / servlet> 
  

如果你不使用Jersey，我想你可以创建一个类似的servlet响应过滤器。 p>

I am using the latest version of GlassFish. I want to set the Access-Control-Allow-Origin header in response so that my API which is hosted on GlassFish can be called from any domain. But I am not able to find out where to set it.

解决方案

In my case, the API requests are exclusively handled by Jersey, therefore I can set response headers in a ContainerResponseFilter:

package my.app;

import com.sun.jersey.spi.container.ContainerRequest;
import com.sun.jersey.spi.container.ContainerResponse;
import com.sun.jersey.spi.container.ContainerResponseFilter;

public class CrossOriginResourceSharingFilter implements ContainerResponseFilter {

    @Override
    public ContainerResponse filter(ContainerRequest creq, ContainerResponse cresp) {

        cresp.getHttpHeaders().putSingle("Access-Control-Allow-Origin", "*");
        cresp.getHttpHeaders().putSingle("Access-Control-Allow-Credentials", "true");
        cresp.getHttpHeaders().putSingle("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT");
        cresp.getHttpHeaders().putSingle("Access-Control-Allow-Headers", "Content-Type, Accept");

        return cresp;
    }
}

The filter gets enabled in web.xml:

<servlet>
    <servlet-name>Gateway Servlet</servlet-name>
    <servlet-class>com.sun.jersey.spi.container.servlet.ServletContainer</servlet-class>
    <init-param>
        <param-name>com.sun.jersey.spi.container.ContainerResponseFilters</param-name>
        <param-value>my.app.CrossOriginResourceSharingFilter</param-value>
    </init-param>
    <load-on-startup>1</load-on-startup>
</servlet>

If you don't use Jersey, I guess you can create a similar servlet response filter.

这篇关于GlassFish：如何设置Access-Control-Allow-Origin标题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！