跨域拦截Access-Control-Allow-Origin设置多个origin
2017-09-27 18:37
435 查看
在Extjs和java项目碰到了需要同时处理跨域,外部要访问后台接口的问题
原来的代码是这样,只能设置一个extjs前台需要过滤的跨域请求
略微改进,给同局域网的同事访问我的接口,我设置的ip是同事的192.168.1.178,是因为他的ip访问我的接口会遭到拦截,我自己的ip不会被拦截,所以不用设置
还有一种SB写法,直接根据originHeader的结果来判断,if语句简单粗暴
原来的代码是这样,只能设置一个extjs前台需要过滤的跨域请求
package com.xgt.config; import javax.servlet.*; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.util.Arrays; import java.util.HashSet; import java.util.Set; /** * 解决跨域问题 */ public class SimpleCORSFilter implements Filter { public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException { HttpServletResponse response = (HttpServletResponse) res; response.setHeader("Access-Control-Allow-Origin", "http://127.0.0.1:1841"); response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE"); response.setHeader("Access-Control-Max-Age", "3600"); response.setHeader("Access-Control-Allow-Headers", "content-type, x-requested-with"); response.setHeader("Access-Control-Allow-Credentials", "true");
chain.doFilter(req, res);
} public void init(FilterConfig filterConfig) {} public void destroy() {} }
略微改进,给同局域网的同事访问我的接口,我设置的ip是同事的192.168.1.178,是因为他的ip访问我的接口会遭到拦截,我自己的ip不会被拦截,所以不用设置
package com.xgt.config; import javax.servlet.*; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.util.Arrays; import java.util.HashSet; import java.util.Set; /** * 解决跨域问题 */ public class SimpleCORSFilter implements Filter { public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException { HttpServletResponse response = (HttpServletResponse) res; String [] allowDomain= {"http://127.0.0.1:1841","http://192.168.1.178"}; Set<String> allowedOrigins= new HashSet<String>(Arrays.asList(allowDomain)); String originHeader=((HttpServletRequest) req).getHeader("Origin"); if (allowedOrigins.contains(originHeader)) { response.setHeader("Access-Control-Allow-Origin", originHeader); response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE"); response.setHeader("Access-Control-Max-Age", "3600"); response.setHeader("Access-Control-Allow-Headers", "content-type, x-requested-with"); response.setHeader("Access-Control-Allow-Credentials", "true"); } chain.doFilter(req, res); } public void init(FilterConfig filterConfig) {} public void destroy() {} }
还有一种SB写法,直接根据originHeader的结果来判断,if语句简单粗暴
HttpServletResponse response = (HttpServletResponse) res; String originHeader=((HttpServletRequest) req).getHeader("Origin"); if ("http://127.0.0.1:1841".equals(originHeader)) { response.setHeader("Access-Control-Allow-Origin", "http://127.0.0.1:1841"); response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE"); response.setHeader("Access-Control-Max-Age", "3600"); response.setHeader("Access-Control-Allow-Headers", "content-type, x-requested-with"); response.setHeader("Access-Control-Allow-Credentials", "true"); }else if("http://192.168.1.178".equals(originHeader)){ response.setHeader("Access-Control-Allow-Origin", "http://192.168.1.178"); response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE"); response.setHeader("Access-Control-Max-Age", "3600"); response.setHeader("Access-Control-Allow-Headers", "content-type, x-requested-with"); response.setHeader("Access-Control-Allow-Credentials", "true"); }else if(originHeader==null){ chain.doFilter(req,res); } chain.doFilter(req, res);
相关文章推荐
- ajax 设置Access-Control-Allow-Origin实现跨域访问
- ajax 设置Access-Control-Allow-Origin实现跨域访问
- ajax 设置Access-Control-Allow-Origin实现跨域访问
- ajax 设置Access-Control-Allow-Origin实现跨域访问
- C#.net 设置Access-Control-Allow-Origin来实现跨域
- Ajax 设置Access-Control-Allow-Origin实现跨域访问
- 设置Access-Control-Allow-Origin,解决多域名跨域问题
- ajax 设置Access-Control-Allow-Origin实现跨域访问
- IIS下配置跨域设置Access-Control-Allow-Origin
- Access-Control-Allow-Origin 跨域设置多域名
- ajax 设置Access-Control-Allow-Origin实现跨域访问
- ajax 设置Access-Control-Allow-Origin实现跨域访问
- ajax 设置Access-Control-Allow-Origin实现跨域访问
- ajax 设置Access-Control-Allow-Origin实现跨域访问
- ajax 设置Access-Control-Allow-Origin实现跨域访问 post
- ajax 设置Access-Control-Allow-Origin实现跨域访问
- Nginx 跨域设置 Access-Control-Allow-Origin 无效的解决办法
- Ajax通过设置Access-Control-Allow-Origin来实现跨域
- ajax 设置Access-Control-Allow-Origin实现跨域访问(post跨域),CORS
- ajax 设置Access-Control-Allow-Origin实现跨域访问