CORS - Access http:// localhost不允许由Access-Control-Allow-Origin使用。错误。

时间:2012-11-15 13:22:34

标签: java tomcat7 cors atmosphere

我无法为使用氛围框架(https://github.com/Atmosphere/atmosphere)构建的网络应用启用CORS

我的请求类似于:

/**
 * @constructor
 * @extends {goog.events.EventTarget}
 *
 * @param {string} id The id.
 * @param {string} url The url.
 * @param {Object} request The request options.
 */
atom.Request = function(id, url, request) {
  this.setParentEventTarget(core.inject(atom));
  this.url = url;
  this.requestOptions_ = {};
  goog.object.extend(this.requestOptions_, request);
  goog.object.extend(this.requestOptions_, {
    'url' : url,
    'onError' : goog.bind(this.onError, this),
    'onClose' : goog.bind(this.onClose, this),
    'onOpen': goog.bind(this.onOpen, this),
    'fallbackTransport' : 'jsonp',
    'onMessage' : goog.bind(this.onMessage, this),
    'onMessagePublished': goog.bind(this.onMessagePublished, this),
    'onReconnect': goog.bind(this.onReconnect, this),
    'enableXDR': 'true',
    'transport': 'streaming'
  });
  this.id_ = id;
  this.request_ = $.atmosphere.subscribe(this.requestOptions_);
};
goog.inherits(atom.Request, goog.events.EventTarget);

并且在服务器(tomcat7.0.32)上我的过滤器是transactioncompany cors过滤器(http://software.dzhuvinov.com/cors-filter.html)

web.xml:

<filter>
    <filter-name>corsFilter</filter-name>
    <filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class>

      <init-param>
            <param-name>cors.allowGenericHttpRequests</param-name>
            <param-value>true</param-value>
       </init-param>
        <init-param>
            <param-name>cors.allowOrigin</param-name>
            <param-value>*</param-value>
       </init-param>
        <init-param>
            <param-name>cors.supportedMethods</param-name>
            <param-value>GET, HEAD, POST, OPTIONS</param-value>
       </init-param>
        <init-param>
            <param-name>cors.supportedHeaders</param-name>
            <param-value>Origin, Content-Type, X-Requested-With, Access-Control-Allow-Origin</param-value>
       </init-param>
        <init-param>
            <param-name>cors.supportsCredentials</param-name>
            <param-value>true</param-value>
       </init-param>
        <init-param>
            <param-name>cors.maxAge</param-name>
            <param-value>3600</param-value>
       </init-param>
</filter>

当我向客户提出请求时,我会得到 Origin http://localhost is not allowed by Access-Control-Allow-Origin. 错误。

请求信息:

Request Headers 

Cache-Control:no-cache
Origin:http://localhost
Pragma:no-cache
Referer:http://localhost/sportsdesk/build/development/en/application.html
User-Agent:Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.79 Safari/537.1

Query String Parameters

X-Atmosphere-tracking-id:0
X-Atmosphere-Framework:1.1
X-Atmosphere-Transport:streaming
X-Cache-Date:0
_:1352918719739

在这一点上,当涉及到问题时,我真的没有想法。有人可以发现它吗?

干杯, 麦克风。

1 个答案:

答案 0 :(得分:1)

将cors.supportsCredentials设置为“false”(如果您在XHR请求中设置了“承诺”,则可以随时重新启用它。)

相关问题
最新问题