Question

我没有从ember中的Rest Get服务URL获取数据（当我通过浏览器和Rest客户端点击服务时，我收到数据）。当我检查控制台时，我发现它被列为blocked-uri。如何从blocked-uri列表中删除它。

Rout

Answer 1

我已将阻止uri的网址添加到 connect-src 。

   contentSecurityPolicy: {
     'connect-src': "'self' http://localhost:4200 http://192.168.1.66:8080 ",
   }

但这对我来说不是问题。问题是由于跨域资源共享，并通过在tomact服务器的web.xml中添加过滤器来解决。

<filter>
<filter-name>CorsFilter</filter-name>
<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
<init-param>
 <param-name>cors.allowed.origins</param-name>
 <param-value>*</param-value>
</init-param>
<init-param>
 <param-name>cors.allowed.methods</param-name>
 <param-value>GET,POST,HEAD,OPTIONS,DELETE,PUT</param-value>
</init-param>
<init-param>
 <param-name>cors.allowed.headers</param-name>
  <param-value>Content-Type,X-Requested-With,accept,Origin,Access-Control-  Request-Method,Access-Control-Request-Headers,Authorization</param-value>
 </init-param>
<init-param>
 <param-name>cors.exposed.headers</param-name>
 <param-value>Access-Control-Allow-Origin,Access-Control-Allow-Credentials</param-value>
</init-param>
<init-param>
 <param-name>cors.support.credentials</param-name>
 <param-value>true</param-value>
</init-param>
<init-param>
 <param-name>cors.preflight.maxage</param-name>
 <param-value>10</param-value>
</init-param>
 </filter>
<filter-mapping>
 <filter-name>CorsFilter</filter-name>
 <url-pattern>/*</url-pattern>
</filter-mapping>

Ember：内容安全策略违规 - 通过REST服务获取数据时出现问题

1 个答案: