如何在java中的服务器端代码上启用CORS [英] How to enable CORS on server-side code in java

问题描述

我们遇到的情况是UI在一台主机上运行，​​并且它正在尝试与另一台主机上可用的资源进行通信。这里的问题是，UI无法调用资源，因为该资源位于不同的域中，除非服务器启用了CORS，否则跨域请求将无法工作。

We are having a situation where UI is running on one host, and it is trying to communicate with the resources which are available on another host. The problem here is that, the UI is not be able to make call to the resources because that resource lives in a different domain and cross domain requests will not work unless the server is CORS enabled .

为了使服务器CORS启用，我们进行了以下更改。

In-order to make server CORS enabled, We have done the below changes .

import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerResponseContext;
import javax.ws.rs.container.ContainerResponseFilter;
import javax.ws.rs.ext.Provider;
import java.io.IOException;

@Provider
public class CORSFilter implements ContainerResponseFilter {

    @Override
    public void filter(ContainerRequestContext request, ContainerResponseContext response) throws IOException
    {
        response.getHeaders().add("Access-Control-Allow-Origin", "*");
        response.getHeaders().add("Access-Control-Allow-Headers","origin, content-type, accept, authorization");
        response.getHeaders().add("Access-Control-Allow-Credentials", "true");
        response.getHeaders().add("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS, HEAD");
    }
}

但是我无法弄明白我需要的地方映射/配置此类，因为没有配置文件（web.xml）。
我对在服务器端启用CORS知之甚少。
请建议如何继续进行。

However I am not able to figure out where I need to map/configure this class,since there is no config files (web.xml). I don't have much knowledge on enabling CORS on server-side . Please suggest how to proceed further .

推荐答案

据我所知，以下工作正在进行中

As far as I'm concerned the following are working

response.getHeaders().add("Access-Control-Allow-Origin", "*");
response.getHeaders().add("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, Authorization");
response.getHeaders().add("Access-Control-Allow-Credentials", "true");
response.getHeaders().add("Access-Control-Allow-Methods", "GET,POST,PUT,DELETE,OPTIONS,HEAD");

(对于春云netflix和其他人）

Edit : (For spring cloud netflix and maybe others)

@Component
public class HeadersFilter implements Filter {
    @Override
    public void init(FilterConfig fc) throws ServletException {
    }
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain fc) throws IOException, ServletException {
        if(servletResponse instanceof HttpServletResponse){
            HttpServletResponse response = (HttpServletResponse) servletResponse;
            // here add the headers
        }
        fc.doFilter(servletRequest, servletResponse);
    }
    @Override
    public void destroy() {
    }
}

这篇关于如何在java中的服务器端代码上启用CORS的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！