Question

你如何让netty的CorsHandler关闭它？它在原点通过时默认关闭，但在不允许原点时不关闭。我使用CorsHandler实例设置了这样的服务器。

import io.netty.bootstrap.ServerBootstrap;
import io.netty.channel.*;
import io.netty.channel.nio.NioEventLoopGroup;
import io.netty.channel.socket.nio.NioServerSocketChannel;
import io.netty.handler.codec.http.HttpMethod;
import io.netty.handler.codec.http.HttpObjectAggregator;
import io.netty.handler.codec.http.HttpServerCodec;
import io.netty.handler.codec.http.cors.CorsConfigBuilder;
import io.netty.handler.codec.http.cors.CorsHandler;
import io.netty.handler.logging.LogLevel;
import io.netty.handler.logging.LoggingHandler;

/**
 * Runs netty with a CORS handler on 8080
 */
public class NettyCorsApp {
    private static final int PORT = 8080;

    public static void main(String[] args) throws Exception {
        EventLoopGroup eventLoopGroup = new NioEventLoopGroup();
        try {
            ServerBootstrap bootstrap = new ServerBootstrap()
                    .group(eventLoopGroup)
                    .handler(new LoggingHandler(LogLevel.INFO))
                    .childHandler(new ChannelInitializer<Channel>() {
                        @Override
                        protected void initChannel(Channel ch) throws Exception {
                            ChannelPipeline pipeline = ch.pipeline();
                            pipeline.addLast(new HttpServerCodec());
                            pipeline.addLast(new HttpObjectAggregator(1024 * 1024)); // 1MB
                            pipeline.addLast(new CorsHandler(
                                    CorsConfigBuilder.forOrigin("http://example.com")
                                            .allowedRequestMethods(HttpMethod.POST)
                                            .build())
                            );
                        }
                    })
                    .channel(NioServerSocketChannel.class);
            Channel channel = bootstrap.bind(PORT).sync().channel();
            channel.closeFuture().sync();
        } finally {
            eventLoopGroup.shutdownGracefully();
        }
    }
}

当您从通过CORS检查的来源请求时，CorsHandler会像您期望的那样关闭连接。

$ curl -sv -X OPTIONS -H 'Origin: http://example.com' -H 'Access-Control-Request-Method: POST' http://localhost:8080
* Rebuilt URL to: http://localhost:8080/
*   Trying ::1...
* TCP_NODELAY set
* Connected to localhost (::1) port 8080 (#0)
> OPTIONS / HTTP/1.1
> Host: localhost:8080
> User-Agent: curl/7.54.0
> Accept: */*
> Origin: http://example.com
> Access-Control-Request-Method: POST
>
< HTTP/1.1 200 OK
< access-control-allow-origin: http://example.com
< vary: origin
< access-control-allow-methods: POST
< access-control-allow-headers:
< access-control-max-age: 0
< date: "Tue, 26 Sep 2017 20:03:53 GMT"
< content-length: 0
<
* Connection #0 to host localhost left intact

但是当您从未通过CORS检查的来源请求时，它不会关闭连接。

$ curl -sv -X OPTIONS -H 'Origin: http://invalid.com' -H 'Access-Control-Request-Method: POST' http://localhost:8080
* Rebuilt URL to: http://localhost:8080/
*   Trying ::1...
* TCP_NODELAY set
* Connected to localhost (::1) port 8080 (#0)
> OPTIONS / HTTP/1.1
> Host: localhost:8080
> User-Agent: curl/7.54.0
> Accept: */*
> Origin: http://invalid.com
> Access-Control-Request-Method: POST
>
< HTTP/1.1 200 OK
* no chunk, no close, no size. Assume close to signal end
<

这可能是netty中的错误，如果是这样，我会在那里提交。

Answer 1

根据@Ferrybig的指示，CorsHandler没有故意关闭连接，因为请求中没有Connection: close标头。 Http 1.0假设默认情况下应该关闭tcp连接，默认情况下http 1.1（curl defafdults to）应保持打开状态。

curl没有退出错误原因的原因是因为CorsHandler在其响应中没有包含Content-Length标头，这是一个错误。

https://github.com/netty/netty/pull/7261

如何关闭与netty CorsHandler的连接

1 个答案: