当前位置: > Linux服务器 > Tomcat >

Tomcat通过CORS解决跨域问题

时间:2018-11-20 18:00来源:linux.it.net.cn 作者:IT

跨域资源共享( CORS ) 简介:

https://developer.mozilla.org/zh-CN/docs/Web/HTTP/Access_control_CORS

跨域资源共享( CORS )机制允许 Web 应用服务器进行跨域访问控制,从而使跨域数据传输得以安全进行。浏览器支持在 API 容器中(例如 XMLHttpRequest 或 Fetch )使用 CORS,以降低跨域 HTTP 请求所带来的风险。

 

解决的问题:

通过Ajax方式访问跨域的js。

 

相关文件下载:

http://download.csdn.net/detail/itas109/9821399

 

Tomcat通过CORS解决跨域问题

1.下载库文件

a.java-property-utils-1.9.1.jar

https://repo1.maven.org/maven2/com/thetransactioncompany/java-property-utils/1.9.1/java-property-utils-1.9.1.jar

b.java-property-utils-1.9.1.jar

http://search.maven.org/remotecontent?filepath=com/thetransactioncompany/java-property-utils/1.9.1/java-property-utils-1.9.1.jar

 

2.JAR放置路径

Tomcat有两种路径选择:

a.如果你打算利用CORS与一个单一的Web应用 把JAR文件放到

 

  1. $CATALINA_HOME/webapps/<your-web-app>/WEB-INF/lib/  

 

b.如果要CORS对所有Web应用程序全局有效,将JAR文件放在

  1. $CATALINA_HOME/lib/  

 

另外,如果你使用Maven构建的,添加下面的依赖到pom.xml

  1. <dependency>  
  2.     <groupId>com.thetransactioncompany</groupId>  
  3.     <artifactId>cors-filter</artifactId>  
  4.     <version>[ version ]</version>  
  5. </dependency>  

 

3.添加CORS到web.xml文件

a.添加过滤器代码:

  1. <filter>  
  2.     <filter-name>CORS</filter-name>  
  3.     <filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class>  
  4. </filter>  

b.添加过滤器路由代码:
 
 
  1. <filter-mapping>  
  2.         <filter-name>CORS</filter-name>  
  3.         <url-pattern>/*</url-pattern>  
  4. </filter-mapping>  

web.xml修改demo

 

http://software.dzhuvinov.com/files/cors/web.xml.txt

 

 
 
 
 
  1. <?xml version="1.0" encoding="UTF-8"?>  
  2. <web-app xmlns="http://java.sun.com/xml/ns/j2ee"  
  3.          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"  
  4.          xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"  
  5.          version="2.4">  
  6.   
  7.     <display-name>CORS demo</display-name>  
  8.       
  9.     <description>Simple CORS demo</description>  
  10.       
  11.     <servlet>  
  12.         <!-- Some servlet -->  
  13.         <servlet-name>HelloWorld</servlet-name>  
  14.         <servlet-class>com.thetransactioncompany.cors.demo.HelloWorldServlet</servlet-class>  
  15.     </servlet>  
  16.       
  17.     <servlet-mapping>  
  18.         <!-- Some servlet mapping -->  
  19.         <servlet-name>HelloWorld</servlet-name>  
  20.         <url-pattern>/cors-resource.html</url-pattern>  
  21.     </servlet-mapping>  
  22.       
  23.     <filter>  
  24.         <!-- The CORS filter with parameters -->  
  25.         <filter-name>CORS</filter-name>  
  26.         <filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class>  
  27.           
  28.         <!-- Note: All parameters are options, if omitted the CORS   
  29.              Filter will fall back to the respective default values.  
  30.           -->  
  31.         <init-param>  
  32.             <param-name>cors.allowGenericHttpRequests</param-name>  
  33.             <param-value>true</param-value>  
  34.         </init-param>  
  35.           
  36.         <init-param>  
  37.             <param-name>cors.allowOrigin</param-name>  
  38.             <param-value>*</param-value>  
  39.         </init-param>  
  40.           
  41.         <init-param>  
  42.             <param-name>cors.allowSubdomains</param-name>  
  43.             <param-value>false</param-value>  
  44.         </init-param>  
  45.           
  46.         <init-param>  
  47.             <param-name>cors.supportedMethods</param-name>  
  48.             <param-value>GET, HEAD, POST, OPTIONS</param-value>  
  49.         </init-param>  
  50.           
  51.         <init-param>  
  52.             <param-name>cors.supportedHeaders</param-name>  
  53.             <param-value>*</param-value>  
  54.         </init-param>  
  55.           
  56.         <init-param>  
  57.             <param-name>cors.exposedHeaders</param-name>  
  58.             <param-value>X-Test-1, X-Test-2</param-value>  
  59.         </init-param>  
  60.           
  61.         <init-param>  
  62.             <param-name>cors.supportsCredentials</param-name>  
  63.             <param-value>true</param-value>  
  64.         </init-param>  
  65.           
  66.         <init-param>  
  67.             <param-name>cors.maxAge</param-name>  
  68.             <param-value>3600</param-value>  
  69.         </init-param>  
  70.   
  71.     </filter>  
  72.   
  73.     <filter-mapping>  
  74.         <!-- CORS Filter mapping -->  
  75.         <filter-name>CORS</filter-name>  
  76.         <url-pattern>/cors-resource.html</url-pattern>  
  77.     </filter-mapping>  
  78.   
  79. </web-app>  

 

 

 

4.重启Tomcat

 

参考:

https://www.w3.org/TR/cors/

http://tomcat.apache.org/tomcat-7.0-doc/config/filter.html#CORS_Filter

https://developer.mozilla.org/zh-CN/docs/Web/HTTP/Access_control_CORS

http://software.dzhuvinov.com/cors-filter-installation.html

https://github.com/eBay/cors-filter

http://mvnrepository.com/artifact/com.thetransactioncompany/cors-filter/2.5

http://www.cnblogs.com/chiyouguli/p/4283349.html




(责任编辑:IT)
------分隔线----------------------------
栏目列表
推荐内容