跨域资源共享( CORS ) 简介:
https://developer.mozilla.org/zh-CN/docs/Web/HTTP/Access_control_CORS
跨域资源共享( CORS )机制允许 Web 应用服务器进行跨域访问控制,从而使跨域数据传输得以安全进行。浏览器支持在 API 容器中(例如 XMLHttpRequest 或 Fetch )使用 CORS,以降低跨域 HTTP 请求所带来的风险。
解决的问题:
通过Ajax方式访问跨域的js。
相关文件下载:
http://download.csdn.net/detail/itas109/9821399
Tomcat通过CORS解决跨域问题
1.下载库文件
a.java-property-utils-1.9.1.jar
https://repo1.maven.org/maven2/com/thetransactioncompany/java-property-utils/1.9.1/java-property-utils-1.9.1.jar
b.java-property-utils-1.9.1.jar
http://search.maven.org/remotecontent?filepath=com/thetransactioncompany/java-property-utils/1.9.1/java-property-utils-1.9.1.jar
2.JAR放置路径
Tomcat有两种路径选择:
a.如果你打算利用CORS与一个单一的Web应用 把JAR文件放到
-
$CATALINA_HOME/webapps/<your-web-app>/WEB-INF/lib/
b.如果要CORS对所有Web应用程序全局有效,将JAR文件放在
另外,如果你使用Maven构建的,添加下面的依赖到pom.xml
-
<dependency>
-
<groupId>com.thetransactioncompany</groupId>
-
<artifactId>cors-filter</artifactId>
-
<version>[ version ]</version>
-
</dependency>
3.添加CORS到web.xml文件
a.添加过滤器代码:
-
<filter>
-
<filter-name>CORS</filter-name>
-
<filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class>
-
</filter>
b.添加过滤器路由代码:
-
<filter-mapping>
-
<filter-name>CORS</filter-name>
-
<url-pattern>/*</url-pattern>
-
</filter-mapping>
web.xml修改demo
http://software.dzhuvinov.com/files/cors/web.xml.txt
-
<?xml version="1.0" encoding="UTF-8"?>
-
<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
-
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
-
version="2.4">
-
-
<display-name>CORS demo</display-name>
-
-
<description>Simple CORS demo</description>
-
-
<servlet>
-
<!-- Some servlet -->
-
<servlet-name>HelloWorld</servlet-name>
-
<servlet-class>com.thetransactioncompany.cors.demo.HelloWorldServlet</servlet-class>
-
</servlet>
-
-
<servlet-mapping>
-
<!-- Some servlet mapping -->
-
<servlet-name>HelloWorld</servlet-name>
-
<url-pattern>/cors-resource.html</url-pattern>
-
</servlet-mapping>
-
-
<filter>
-
<!-- The CORS filter with parameters -->
-
<filter-name>CORS</filter-name>
-
<filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class>
-
-
<!-- Note: All parameters are options, if omitted the CORS
-
Filter will fall back to the respective default values.
-
-->
-
<init-param>
-
<param-name>cors.allowGenericHttpRequests</param-name>
-
<param-value>true</param-value>
-
</init-param>
-
-
<init-param>
-
<param-name>cors.allowOrigin</param-name>
-
<param-value>*</param-value>
-
</init-param>
-
-
<init-param>
-
<param-name>cors.allowSubdomains</param-name>
-
<param-value>false</param-value>
-
</init-param>
-
-
<init-param>
-
<param-name>cors.supportedMethods</param-name>
-
<param-value>GET, HEAD, POST, OPTIONS</param-value>
-
</init-param>
-
-
<init-param>
-
<param-name>cors.supportedHeaders</param-name>
-
<param-value>*</param-value>
-
</init-param>
-
-
<init-param>
-
<param-name>cors.exposedHeaders</param-name>
-
<param-value>X-Test-1, X-Test-2</param-value>
-
</init-param>
-
-
<init-param>
-
<param-name>cors.supportsCredentials</param-name>
-
<param-value>true</param-value>
-
</init-param>
-
-
<init-param>
-
<param-name>cors.maxAge</param-name>
-
<param-value>3600</param-value>
-
</init-param>
-
-
</filter>
-
-
<filter-mapping>
-
<!-- CORS Filter mapping -->
-
<filter-name>CORS</filter-name>
-
<url-pattern>/cors-resource.html</url-pattern>
-
</filter-mapping>
-
-
</web-app>
4.重启Tomcat
参考:
https://www.w3.org/TR/cors/
http://tomcat.apache.org/tomcat-7.0-doc/config/filter.html#CORS_Filter
https://developer.mozilla.org/zh-CN/docs/Web/HTTP/Access_control_CORS
http://software.dzhuvinov.com/cors-filter-installation.html
https://github.com/eBay/cors-filter
http://mvnrepository.com/artifact/com.thetransactioncompany/cors-filter/2.5
http://www.cnblogs.com/chiyouguli/p/4283349.html
(责任编辑:IT) |