主要解决跨域请求的问题,原理就不多做介绍了,知道怎么用就行了。
官网:http://software.dzhuvinov.com/cors-filter.html
pom.xml
<dependency>
<groupId>com.thetransactioncompany</groupId>
<artifactId>cors-filter</artifactId>
<version>2.4</version>
</dependency>
web.xml
<filter>
<filter-name>CORS</filter-name>
<filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class>
<init-param>
<param-name>cors.configurationFile</param-name>
<param-value>cors.properties</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CORS</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
cors.properties
引用
#cors.allowGenericHttpRequests {true|false} defaults to true.
#If true generic HTTP requests will be allowed to pass through the filter, else only valid and accepted CORS requests will be allowed (strict CORS filtering).
cors.allowGenericHttpRequests = true
#cors.allowOrigin {"*"|origin-list} defaults to *.
#Whitespace-separated list of origins that the CORS filter must allow. Requests from origins not included here will be refused with an HTTP 403 "Forbidden" response. If set to * (asterisk) any origin will be allowed.
cors.allowOrigin = http://fanfq.com
#cors.allowSubdomains {true|false} defaults to false.
#If true the CORS filter will allow requests from any origin which is a subdomain origin of the allowed origins. A subdomain is matched by comparing its scheme and suffix (host name / IP address and optional port number).
cors.allowSubdomains = true
#cors.supportedMethods {method-list} defaults to "GET, POST, HEAD, OPTIONS".
#List of the supported HTTP methods. These are advertised through the Access-Control-Allow-Methods header and must also be implemented by the actual CORS web service. Requests for methods not included here will be refused by the CORS filter with an HTTP 405 "Method not allowed" response.
cors.supportedMethods = GET, POST, HEAD, OPTIONS
#cors.supportedHeaders {"*"|header-list} defaults to *.
#The names of the supported author request headers. These are advertised through the Access-Control-Allow-Headers header.
#If the configuration property value is set to * (asterisk) any author request header will be allowed. The CORS Filter implements this by simply echoing the requested value back to the browser.
#What is an author request header? This any custom header set by the browser JavaScript application through the XMLHttpRequest.setRequestHeader() method.
cors.supportedHeaders = *
#cors.exposedHeaders {header-list} defaults to empty list.
#List of the response headers other than simple response headers that the browser should expose to the author of the cross-domain request through the XMLHttpRequest.getResponseHeader() method. The CORS filter supplies this information through the Access-Control-Expose-Headers header.
cors.exposedHeaders = X-Test-1, X-Test-2
#cors.supportsCredentials {true|false} defaults to true.
#Indicates whether user credentials, such as cookies, HTTP authentication or client-side certificates, are supported. The CORS filter uses this value in constructing the Access-Control-Allow-Credentials header.
cors.supportsCredentials = true
#cors.maxAge {int} defaults to -1 (unspecified).
#Indicates how long the results of a preflight request can be cached by the web browser, in seconds. If -1 unspecified. This information is passed to the browser via the Access-Control-Max-Age header.
cors.maxAge = 3600
#cors.tagRequests {true|false} defaults to false (no tagging).
#Enables HTTP servlet request tagging to provide CORS information to downstream handlers (filters and/or servlets).
cors.tagRequests = false
分享到:
相关推荐
tomcat服务器跨域需要的CorsFilter jar包文件tomcat服务器跨域需要的CorsFilter jar包文件tomcat服务器跨域需要的CorsFilter jar包文件
com.thetransactioncompany.cors.CORSFilter 所需jar包
同源跨域问题解决(含options方法),利用拦截器,对不同源方法进行过滤,可实现对配置不同源访问权限,避免无脑“*”配置
跨域问题解决
解决跨域过滤器
本资源主要演示了Spring Boot 如何全局配置跨域资源共享。本资源解压后包含2个文件夹:blog2和testFrontEnd。blog2是后端java代码项目,由Maven构建。testFrontEnd是前端项目,测试了能否正常使用跨域的Web API。
tomcat服务器部署后,访问遇到跨域问题,资源包含需要的cors-filter-1.7.jarr和java-property-utils-1.9。测试无误,需要注意的是资源的命名空间为com.thetransactioncompany.cors
解决跨域问题的filter
cors过滤器这个非常简单的项目受到spring source关于cors的帖子的强烈启发,原帖在 。 原帖和这个贡献的主要区别基本上是这个版本的 cors-filter 可以通过 servlet 过滤器的标准 inti-param 进行编程
tomcat解决跨域访问问题,具体配置如下: 1、修改tomcat下的Conf/web.xml文件,在该文件内容中新增以下配置,注意,若该web.xml中存在其它filter,则需要将该filter放在所有filter前面; <filter-name>...
导入jar包,在web.xml加上 <filter-name>CORS <filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class> <filter-name>CORS <url-pattern>/* </filter-mapping>
cors-filter-1.7.jar java-property-utils-1.9.jar
解决tomcat跨域所需的两个jar包cors-fiter.jar&java;-property.jar
该过滤器可以通过 JavaConfig 或 web.xml 进行配置。 需要 Java 8。 但为什么? 是的,已经有几个这样的过滤器了。 它们都不支持 JavaConfig。 与 Tomcat 捆绑的那个给了我一个项目的问题。 所以我写了这个简单的...
最近在使用前端调取服务器静态资源的时候,总是报图片跨域的错误,该问题可以通过服务器配置跨域权限来解决。 首先下载cors-filter-2.5.jar和java-property-utils-1.9.1 1、把这两个jar包放在tomcat的lib下。 2、在...
支持跨域使用的jar包及跨域tomcat设置方法 支持跨域使用的jar包及跨域tomcat设置方法
Tomcat 在设置跨域 jar包的一部分,cors-filter-1.7.jar,cors-filter-2.5.jar,cors-filter-2.10.jar
<filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class> 4、添加过滤器路由代码: <filter-name>CORS <url-pattern>/* 5、添加完毕后,重启geoserver 6、如果目录中存在maven,需要在pom...
解决tomcat在IP 和端口不同时引起的跨域问题,解决方案,通过编写crossDomain.xml文件
更新Apache Tomcat web.xml配置文件以启用CORSFilter,并添加以下过滤器定义 < filter> CorsFilter < /filter-name > < filter> org.apache.catalina.filters.CorsFilter < /filter-class > < param> ...