Question

我使用的是使用Spring / REST构建的API。为了启用CORS，我使用Apache CORS过滤器。当我尝试使用其他域向我的API发出请求时出现此错误：

XMLHttpRequest无法加载。＆＃39; Access-Control-Allow-Origin＆＃39;标头包含多个值＆＃39; http://localhost:8000，*＆＃39;，但只允许一个。

我的CORS过滤器配置：

<filter>
        <filter-name>CorsFilter</filter-name>
        <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
        <init-param>
            <param-name>cors.allowed.origins</param-name>
            <param-value>*</param-value>
        </init-param>
        <init-param>
            <param-name>cors.allowed.methods</param-name>
            <param-value>GET,POST,HEAD,OPTIONS,PUT</param-value>
        </init-param>
        <init-param>
            <param-name>cors.allowed.headers</param-name>
            <param-value>Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization,user,client,lang</param-value>
        </init-param>
        <init-param>
            <param-name>cors.exposed.headers</param-name>
            <param-value>Access-Control-Allow-Origin,Access-Control-Allow-Credentials</param-value>
        </init-param>
        <init-param>
            <param-name>cors.support.credentials</param-name>
            <param-value>true</param-value>
        </init-param>
        <init-param>
            <param-name>cors.preflight.maxage</param-name>
            <param-value>10</param-value>
        </init-param>
    </filter>
    <filter-mapping>
        <filter-name>CorsFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

使用restAngular执行API请求的部分代码：

 hjcServices.factory('ParamService', function (Restangular) {
        var initParamResource = Restangular.one('param', 'hjc.param.init');
        return {
            getParam: function () {
                return initParamResource.getList("",{},{'user':'joueur','client':'hjc','lang':'fr'});
            }
        };
    });

使用Chrome浏览器的请求标头/答案：

Remote Address:54.68.34.235:8080
Request URL:http://ec2-54-68-34-235.us-west-2.compute.amazonaws.com:8080/hjc-rest-dev/param/hjc.param.init
Request Method:GET
Status Code:200 OK
Request Headersview source
Accept:application/json, text/plain, */*
Accept-Encoding:gzip, deflate, sdch
Accept-Language:en-US,en;q=0.8
client:hjc
Connection:keep-alive
Host:ec2-54-68-34-235.us-west-2.compute.amazonaws.com:8080
lang:fr
Origin:http://localhost:8000
Referer:http://localhost:8000/
user:joueur
User-Agent:Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.111 Safari/537.36
Response Headersview source
Access-Control-Allow-Credentials:true
Access-Control-Allow-Headers:x-requested-with
Access-Control-Allow-Methods:POST, GET, OPTIONS, DELETE
Access-Control-Allow-Origin:http://localhost:8000
Access-Control-Allow-Origin:*
Access-Control-Expose-Headers:Access-Control-Allow-Origin,Access-Control-Allow-Credentials
Access-Control-Max-Age:3600
Content-Length:583
Content-Type:application/json;charset=UTF-8
Date:Sat, 28 Feb 2015 17:48:42 GMT
Server:Apache-Coyote/1.1

API在使用curl时可以找到，但在使用Restangular时却没有。

Answer 1

我找到了为什么我为“访问控制 - 允许 - 来源”获得多个值的原因。我在REST端点后面的类中为CORS定义了自定义解决方案。

使用Apache CORS过滤器和Restangular时的CORS问题

1 个答案: