我已经在网站上查看了与此类似的其他问题,尽管做了这些决议,我的问题仍然是一样的。
旁注,我也尝试了setHeader(clientOrigin)
我正在使用Spring Boot v1.2.7.RELEASE和Spring控制台告诉我不允许Origin Header Value。我的客户返回403禁止。
package app.config;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;
@Component
public class CorsFilter implements Filter {
private final Logger log = LoggerFactory.getLogger(CorsFilter.class);
public CorsFilter() {
log.info("SimpleCORSFilter init");
}
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res;
String clientOrigin = request.getHeader("origin");
response.addHeader("Access-Control-Allow-Origin", clientOrigin);
response.setHeader("Access-Control-Allow-Methods", "POST, GET, DELETE, PUT");
response.setHeader("Access-Control-Allow-Credentials", "true");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "Accept, Content-Type, Origin, Authorization, X-Auth-Token");
response.addHeader("Access-Control-Expose-Headers", "X-Auth-Token");
if (request.getMethod().equals("OPTIONS")) {
response.setStatus(HttpServletResponse.SC_OK);
} else {
chain.doFilter(request, response);
}
}
@Override
public void init(FilterConfig filterConfig) {
}
@Override
public void destroy() {
}
}
Accept:*/*
Accept-Encoding:gzip, deflate, sdch
Accept-Language:en-US,en;q=0.8
Connection:keep-alive
Cookie:JSESSIONID=BDD1655C91FD8DD73A8A0B021BFFC0E7
Host:192.168.1.66:8080
Origin:http://192.168.1.66:8105
Referer:http://192.168.1.66:8105/
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.86 Safari/537.36
Access-Control-Allow-Credentials:true
Access-Control-Allow-Headers:Accept, Content-Type, Origin, Authorization, X-Auth-Token
Access-Control-Allow-Methods:POST, GET, DELETE, PUT
Access-Control-Allow-Origin:http://192.168.1.66:8105
Access-Control-Expose-Headers:X-Auth-Token
Access-Control-Max-Age:3600
Cache-Control:no-store, no-cache, must-revalidate, max-age=0
Content-Length:0
Date:Sat, 28 Nov 2015 23:49:56 GMT
Server:Apache-Coyote/1.1
我想要拨打的电话是一个SocketJS电话和一个电话。正在调用以下脚本。
var socket = new SockJS($scope.siteUrl+'/connect?TOKEN='+$localstorage.get('X-AUTH-TOKEN-TRIVIA'));
$scope.stompClient = Stomp.over(socket);
$scope.stompClient.connect({"Authorization":"TOKEN" }, function(frame) {
console.log('Connected: ' + frame);
stompClient.subscribe($scope.siteUrl+'/socketupdate', function(greeting){
$scope.activegame = JSON.parse(greeting.body).content;
});
});
如您所见,我将令牌作为查询字符串传递,因为出于某些奇怪的原因,SocketJS不允许我通过标头传递X-AUTH-TOKEN。
但是,我的客户端服务器位于不同的端口上。我正在使用离子构建一个应用程序,这是一个基于角度的框架。
我注意到错误来自我的WebSocketService
2015-11-29 03:22:32.417 WARN 33932 --- [nio-8080-exec-1] o.s.w.s.s.t.h.DefaultSockJsService : Origin header value 'http://192.168.1.66:8105' not allowed.
这是否意味着我必须在WebSocketConfig中设置接受这个的东西?
答案 0 :(得分:5)
在WebsocketConfig.java
@Override
public void registerStompEndpoints(StompEndpointRegistry stompEndpointRegistry) {
stompEndpointRegistry.addEndpoint("/ws").setAllowedOrigins("*").withSockJS();
}
通知:
.setAllowedOrigins("*")
答案 1 :(得分:0)
我刚刚发现的一些东西,我认为它可能对某人有所帮助。 您的网址不得以“/”结尾。
@Override
public void registerStompEndpoints(StompEndpointRegistry registry) {
registry.addEndpoint("/chat")
.setAllowedOrigins("https://somewebsite.com/")
.withSockJS();
}
不起作用。
@Override
public void registerStompEndpoints(StompEndpointRegistry registry) {
registry.addEndpoint("/chat")
.setAllowedOrigins("https://somewebsite.com")
.withSockJS();
}
作品。