Java跨域设置
2016-05-30 20:12
453 查看
Access-Control-Allow-Origin 为允许哪些Origin发起跨域请求. 这里设置为”*”表示允许所有,通常设置为所有并不安全,最好指定一下。
Access-Control-Allow-Methods 为允许请求的方法.
Access-Control-Max-Age 表明在多少秒内,不需要再发送预检验请求,可以缓存该结果
Access-Control-Allow-Headers 表明它允许跨域请求包含content-type头,这里设置的x-requested-with ,表示ajax请求
Access-Control-Allow-Methods 为允许请求的方法.
Access-Control-Max-Age 表明在多少秒内,不需要再发送预检验请求,可以缓存该结果
Access-Control-Allow-Headers 表明它允许跨域请求包含content-type头,这里设置的x-requested-with ,表示ajax请求
<filter> <filter-name>CrossOrigin</filter-name> <filter-class>org.digdata.swustoj.filter.CrossOriginFilter</filter-class> <init-param> <param-name>AccessControlAllowOrigin</param-name> <param-value>*</param-value> </init-param> <init-param> <param-name>AccessControlAllowMethods</param-name> <param-value>POST, GET, DELETE, PUT</param-value> </init-param> <init-param> <param-name>AccessControlMaxAge</param-name> <param-value>3628800</param-value> </init-param> <init-param> <param-name>AccessControlAllowHeaders</param-name> <param-value>x-requested-with</param-value> </init-param> </filter> <filter-mapping> <filter-name>CrossOrigin</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>
package org.digdata.swustoj.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;
/**
*
* @author wwhhf
* @since 2016年5月30日
* @comment 跨域过滤器
*/
public class CrossOriginFilter implements Filter {
private FilterConfig config = null;
@Override
public void init(FilterConfig config) throws ServletException {
this.config = config;
}
@Override
public void destroy() {
this.config = null;
}
/**
*
* @author wwhhf
* @since 2016/5/30
* @comment 跨域的设置
*/
@Override
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletResponse httpResponse = (HttpServletResponse) response;
// 表明它允许"http://xxx"发起跨域请求
httpResponse.setHeader("Access-Control-Allow-Origin",
config.getInitParameter("AccessControlAllowOrigin"));
// 表明在xxx秒内,不需要再发送预检验请求,可以缓存该结果
httpResponse.setHeader("Access-Control-Allow-Methods",
config.getInitParameter("AccessControlAllowMethods"));
// 表明它允许xxx的外域请求
httpResponse.setHeader("Access-Control-Max-Age",
config.getInitParameter("AccessControlMaxAge"));
// 表明它允许跨域请求包含xxx头
httpResponse.setHeader("Access-Control-Allow-Headers",
config.getInitParameter("AccessControlAllowHeaders"));
chain.doFilter(request, response);
}
}
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- Java反射机制 初步(二)
- Java反射机制 初步(一)
- Java之IO操作总结
- SPRING SECURITY 拦截静态资源
- SPRING SECURITY 拦截静态资源
- (Java)LeetCode-18. 4Sum
- web.xml中classpath和classpath*的区别
- 优酷视频解析(16.5.30更新)Java代码版本
- java5.30学习笔记
- Easy-题目4:226. Invert Binary Tree
- Easy-题目3:104. Maximum Depth of Binary Tree
- struts2验证规则validation配置文件命名方式总结
- 在spring框架中配置Quartz定时器发生错误: class org.springframework.scheduling.quartz.JobDetailBean has interface org.quartz.JobDetail as sup
- struts2验证规则validation配置文件命名方式总结
- spring mvc 删除返回字符串中值为null的字段
- java基本语法之基本数据类型详解
- eclipse相关资源
- Java代码判断字符串是否为汉字
- eclipse explorer插件
- Java 线程池源码