我将React应用程序部署到一个单独的Google App Engine,它发送一个POST请求从Webapp获取一些数据,我正在尝试解析我的React Application中的数据。我能够从PostMan获取正确的数据,但同样的请求一直给我一个“No'Access-Control-Allow-Origin'标头出现在请求的资源上”错误。 我目前正在从Bigger Webapp接收PostRequest,如下所示:
@POST
@Path("/initializer")
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
public String getOrCreateSeller(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException {
this.shopifyStoreName = body.get("id").toString();
long hashedName = hashStoreName();
SellerId sellerId = new SellerId(hashedName);
try {
Seller seller = sellerService.findSellerById(sellerId);
getStore(seller);
String json = getResponseJson();
return Response.ok(json, MediaType.APPLICATION_JSON).build();
} catch (NotFoundException e) {
Seller seller = new Seller(sellerId.toDatastoreId(),
this.shopifyStoreName, 3L);
datastoreRepository.transact(() -> {
sellerValidator.validate(seller);
sellerRepository.save(seller);
});
createStore(seller);
String json = getResponseJson();
Response.ResponseBuilder r = Response.ok(json, MediaType.APPLICATION_JSON);
return r.build();
}
}
事实证明,在更大的webapp中,我从中获取数据包含一个类似于“CORSFilter”的类:
public class CORSFilter implements Filter {
@Override
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException,
ServletException {
HttpServletResponse httpResp = (HttpServletResponse) resp;
HttpServletRequest httpReq = (HttpServletRequest) req;
httpResp.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, OPTIONS");
httpResp.setHeader("Access-Control-Allow-Origin", "*");
if (httpReq.getMethod().equalsIgnoreCase("OPTIONS")) {
httpResp.setHeader("Access-Control-Allow-Headers",
httpReq.getHeader("Access-Control-Request-Headers"));
}
chain.doFilter(req, resp);
}
@Override
public void init(FilterConfig arg0) throws ServletException {
}
@Override
public void destroy() {
}
}
因此,我觉得我应该使用这个类来启用COR,但我不确定如何。请帮忙!
答案 0 :(得分:1)
由于您的服务器端代码似乎正在使用JAX-RS,这是一种将CORS标头添加到JAX-RS应用程序的方法(遵循与您CORSFilter相同的规则)只是将此类添加到您的应用程序:
@Provider
@Priority(Priorities.HEADER_DECORATOR)
public class AccessControlResponseFilter implements ContainerResponseFilter {
@Override
public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException {
final MultivaluedMap<String,Object> headers = responseContext.getHeaders();
headers.add("Access-Control-Allow-Methods", "GET, POST, PUT, OPTIONS");
headers.add("Access-Control-Allow-Origin", "*");
if (requestContext.getMethod().equalsIgnoreCase("OPTIONS")) {
headers.add("Access-Control-Allow-Headers", requestContext.getHeaderString("Access-Control-Request-Headers"));
}
}
}
或者,如果项目可以使用CORSFilter类,则可以将其作为servlet过滤器添加到web.xml中:
<filter>
<filter-name>CORSFilter</filter-name>
<filter-class>com.mycompany.CORSFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CORSFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
选择两种解决方案中的一种,而不是两者。
答案 1 :(得分:0)
您可以在控制器类中使用@CrossOrigin注释。可以获得更多信息here - crossorigin