与tomcat服务器共享跨源资源

时间:2013-04-09 19:11:48

标签: tomcat cross-domain cors

我想允许交叉来源请求到我的服务器。 我找到了以下过滤器代码:

public class CorsFilter implements Filter {
  // For security reasons set this regex to an appropriate value
  // example: ".*example\\.com"
  private static final String ALLOWED_DOMAINS_REGEXP = ".*";

  public void doFilter(ServletRequest servletRequest,
      ServletResponse servletResponse, FilterChain filterChain)
      throws IOException, ServletException {

    HttpServletRequest req = (HttpServletRequest) servletRequest;
    HttpServletResponse resp = (HttpServletResponse) servletResponse;

    String origin = req.getHeader("Origin");

    if (origin != null && origin.matches(ALLOWED_DOMAINS_REGEXP)) {
          System.out.println("CorsFilter:: origin matches, yey");
      resp.addHeader("Access-Control-Allow-Origin", origin);

      if ("options".equalsIgnoreCase(req.getMethod())) {

        resp.setHeader("Allow", "GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS");
        if (origin != null) {
          String headers = req.getHeader("Access-Control-Request-Headers");
          String method = req.getHeader("Access-Control-Request-Method");
          resp.addHeader("Access-Control-Allow-Methods", method);
          resp.addHeader("Access-Control-Allow-Headers", headers);
          resp.setContentType("text/plain");
        }
        resp.getWriter().flush();
        return;
      }
    }

    // Fix ios6 caching post requests
    if ("post".equalsIgnoreCase(req.getMethod())) {
      resp.addHeader("Cache-Control", "no-cache");
    }

    if (filterChain != null) {
      filterChain.doFilter(req, resp);
    }
  }

  @Override public void destroy() {}
  @Override public void init(FilterConfig arg0) throws ServletException {}
}

似乎只有在第一个OPTIONS请求时才会执行任何操作。但是,在我的情况下,我没有看到任何OPTIONS请求,只看到GET请求。我错过了什么吗?解决方案是什么?

1 个答案:

答案 0 :(得分:0)

从Tomcat 7.0.41开始,您可以通过built-in filter控制CORS行为。

您唯一需要做的就是编辑CATALINA_HOME / conf中的全局web.xml并添加过滤器定义:

     <!-- ================== Built In Filter Definitions ===================== -->

      ...

     <filter>
       <filter-name>CorsFilter</filter-name>
       <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
     </filter>
     <filter-mapping>
       <filter-name>CorsFilter</filter-name>
       <url-pattern>/*</url-pattern>
     </filter-mapping>

    <!-- ==================== Built In Filter Mappings ====================== -->
相关问题
最新问题