zoukankan      html  css  js  c++  java
  • 跨域拦截Access-Control-Allow-Origin设置多个origin

    在Extjs和java项目碰到了需要同时处理跨域,外部要访问后台接口的问题

    原来的代码是这样,只能设置一个extjs前台需要过滤的跨域请求

    package com.xgt.config;
    
    import javax.servlet.*;
    import javax.servlet.http.HttpServletRequest;
    import javax.servlet.http.HttpServletResponse;
    import java.io.IOException;
    import java.util.Arrays;
    import java.util.HashSet;
    import java.util.Set;
    
    /**
     * 解决跨域问题
     */
    public class SimpleCORSFilter implements Filter {
    
        public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
            HttpServletResponse response = (HttpServletResponse) res;
            
                response.setHeader("Access-Control-Allow-Origin", "http://127.0.0.1:1841");
                response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
                response.setHeader("Access-Control-Max-Age", "3600");
                response.setHeader("Access-Control-Allow-Headers", "content-type, x-requested-with");
                response.setHeader("Access-Control-Allow-Credentials", "true");
           chain.doFilter(req, res);
    } public void init(FilterConfig filterConfig) {} public void destroy() {} }

    略微改进,给同局域网的同事访问我的接口,我设置的ip是同事的192.168.1.178,是因为他的ip访问我的接口会遭到拦截,我自己的ip不会被拦截,所以不用设置

    package com.xgt.config;
    
    import javax.servlet.*;
    import javax.servlet.http.HttpServletRequest;
    import javax.servlet.http.HttpServletResponse;
    import java.io.IOException;
    import java.util.Arrays;
    import java.util.HashSet;
    import java.util.Set;
    
    /**
     * 解决跨域问题
     */
    public class SimpleCORSFilter implements Filter {
    
        public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
            HttpServletResponse response = (HttpServletResponse) res;
            String []  allowDomain= {"http://127.0.0.1:1841","http://192.168.1.178"};
            Set<String> allowedOrigins= new HashSet<String>(Arrays.asList(allowDomain));
            String originHeader=((HttpServletRequest) req).getHeader("Origin");
            if (allowedOrigins.contains(originHeader)) {
                response.setHeader("Access-Control-Allow-Origin", originHeader);
                response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
                response.setHeader("Access-Control-Max-Age", "3600");
                response.setHeader("Access-Control-Allow-Headers", "content-type, x-requested-with");
                response.setHeader("Access-Control-Allow-Credentials", "true");
            }
            chain.doFilter(req, res);
        }
    
        public void init(FilterConfig filterConfig) {}
    
        public void destroy() {}
    
    }

     还有一种SB写法,直接根据originHeader的结果来判断,if语句简单粗暴

    HttpServletResponse response  = (HttpServletResponse) res;
            String originHeader=((HttpServletRequest) req).getHeader("Origin");
            if ("http://127.0.0.1:1841".equals(originHeader)) {
                response.setHeader("Access-Control-Allow-Origin", "http://127.0.0.1:1841");
                response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
                response.setHeader("Access-Control-Max-Age", "3600");
                response.setHeader("Access-Control-Allow-Headers", "content-type, x-requested-with");
                response.setHeader("Access-Control-Allow-Credentials", "true");
            }else if("http://192.168.1.178".equals(originHeader)){
                response.setHeader("Access-Control-Allow-Origin", "http://192.168.1.178");
                response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
                response.setHeader("Access-Control-Max-Age", "3600");
                response.setHeader("Access-Control-Allow-Headers", "content-type, x-requested-with");
                response.setHeader("Access-Control-Allow-Credentials", "true");
            }else if(originHeader==null){
                chain.doFilter(req,res);
            }
            chain.doFilter(req, res);
  • 相关阅读:
    Python那些优雅的写法:switch-case
    python将print输出的信息保留到日志文件中
    Python 获取被调用函数名称,所处模块,被调用代码行
    python **运算符及多参数传参
    使用Docker之镜像的拉取、查询、删除
    资料
    kmp算法
    开源软件
    golang之http请求的dns解析代码流程
    Go语言从HTTP请求中获取服务端IP地址
  • 原文地址:https://www.cnblogs.com/Java-Starter/p/7603313.html
Copyright © 2011-2022 走看看