使dropwizard中的cors无法正常工作 [英] Enabling cors in dropwizard not working

问题描述

我正在研究一个dropwizard应用程序和js ui来与api交互。我需要加载json数据来更新视图，但我必须在之前启用dropwizard中的cors。我做了一些工作人员，但似乎没有用，因为dropwizard总是返回204没有内容。

I'm working on a dropwizard application and js ui to interacte with the api. I need to load json data to update views but I have to enable cors in dropwizard before that. I did some staff but it seems not working because dropwizard returns allways 204 no content.

@Override
public void run(final BGConfiguration configuration, final Environment environment) throws Exception {
  final Map<String, String> params = new HashMap<>();
  params.put("Access-Control-Allow-Origin", "/*");
  params.put("Access-Control-Allow-Credentials", "true");
  params.put("Access-Control-Expose-Headers", "true");
  params.put("Access-Control-Allow-Headers", "Content-Type, X-Requested-With");
  params.put("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
  environment.servlets().addFilter("cors", CrossOriginFilter.class).setInitParameters(params);
}

推荐答案

这里的错误是过滤器尚未通过 addMappingForUrlPatterns 方法配置URL路径。

The bug here is that the filter hasn't been configured with a URL path via the addMappingForUrlPatterns method.

这对我来说使用了dropwizard 0.7 .1：

This worked for me using dropwizard 0.7.1:

import org.eclipse.jetty.servlets.CrossOriginFilter;
import javax.servlet.DispatcherType;
import java.util.EnumSet;

public void run(Configuration conf, Environment environment)  {
    // Enable CORS headers
    final FilterRegistration.Dynamic cors =
        environment.servlets().addFilter("CORS", CrossOriginFilter.class);

    // Configure CORS parameters
    cors.setInitParameter("allowedOrigins", "*");
    cors.setInitParameter("allowedHeaders", "X-Requested-With,Content-Type,Accept,Origin");
    cors.setInitParameter("allowedMethods", "OPTIONS,GET,PUT,POST,DELETE,HEAD");

    // Add URL mapping
    cors.addMappingForUrlPatterns(EnumSet.allOf(DispatcherType.class), true, "/*");
}

我假设你在浏览器中测试这个，但是你可以通过CLI验证如下curl命令：

I'm assuming you're testing this live in a browser, but you can verify via CLI with a curl command like this:

$ curl -H "Origin: http://example.com" \
       -H "Access-Control-Request-Method: POST" \
       -H "Access-Control-Request-Headers: X-Requested-With" \
       -X OPTIONS --verbose \
       http://localhost:8080

你应该看到一个一堆访问控制 - * 响应中的HTTP标头。

You should see a bunch of Access-Control-* HTTP headers in the response.

这篇关于使dropwizard中的cors无法正常工作的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！