zoukankan      html  css  js  c++  java
  • 跨域拦截Access-Control-Allow-Origin设置多个origin

    在Extjs和java项目碰到了需要同时处理跨域,外部要访问后台接口的问题

    原来的代码是这样,只能设置一个extjs前台需要过滤的跨域请求

    package com.xgt.config;
    
    import javax.servlet.*;
    import javax.servlet.http.HttpServletRequest;
    import javax.servlet.http.HttpServletResponse;
    import java.io.IOException;
    import java.util.Arrays;
    import java.util.HashSet;
    import java.util.Set;
    
    /**
     * 解决跨域问题
     */
    public class SimpleCORSFilter implements Filter {
    
        public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
            HttpServletResponse response = (HttpServletResponse) res;
            
                response.setHeader("Access-Control-Allow-Origin", "http://127.0.0.1:1841");
                response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
                response.setHeader("Access-Control-Max-Age", "3600");
                response.setHeader("Access-Control-Allow-Headers", "content-type, x-requested-with");
                response.setHeader("Access-Control-Allow-Credentials", "true");
           chain.doFilter(req, res);
    } public void init(FilterConfig filterConfig) {} public void destroy() {} }

    略微改进,给同局域网的同事访问我的接口,我设置的ip是同事的192.168.1.178,是因为他的ip访问我的接口会遭到拦截,我自己的ip不会被拦截,所以不用设置

    package com.xgt.config;
    
    import javax.servlet.*;
    import javax.servlet.http.HttpServletRequest;
    import javax.servlet.http.HttpServletResponse;
    import java.io.IOException;
    import java.util.Arrays;
    import java.util.HashSet;
    import java.util.Set;
    
    /**
     * 解决跨域问题
     */
    public class SimpleCORSFilter implements Filter {
    
        public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
            HttpServletResponse response = (HttpServletResponse) res;
            String []  allowDomain= {"http://127.0.0.1:1841","http://192.168.1.178"};
            Set<String> allowedOrigins= new HashSet<String>(Arrays.asList(allowDomain));
            String originHeader=((HttpServletRequest) req).getHeader("Origin");
            if (allowedOrigins.contains(originHeader)) {
                response.setHeader("Access-Control-Allow-Origin", originHeader);
                response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
                response.setHeader("Access-Control-Max-Age", "3600");
                response.setHeader("Access-Control-Allow-Headers", "content-type, x-requested-with");
                response.setHeader("Access-Control-Allow-Credentials", "true");
            }
            chain.doFilter(req, res);
        }
    
        public void init(FilterConfig filterConfig) {}
    
        public void destroy() {}
    
    }

     还有一种SB写法,直接根据originHeader的结果来判断,if语句简单粗暴

    HttpServletResponse response  = (HttpServletResponse) res;
            String originHeader=((HttpServletRequest) req).getHeader("Origin");
            if ("http://127.0.0.1:1841".equals(originHeader)) {
                response.setHeader("Access-Control-Allow-Origin", "http://127.0.0.1:1841");
                response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
                response.setHeader("Access-Control-Max-Age", "3600");
                response.setHeader("Access-Control-Allow-Headers", "content-type, x-requested-with");
                response.setHeader("Access-Control-Allow-Credentials", "true");
            }else if("http://192.168.1.178".equals(originHeader)){
                response.setHeader("Access-Control-Allow-Origin", "http://192.168.1.178");
                response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
                response.setHeader("Access-Control-Max-Age", "3600");
                response.setHeader("Access-Control-Allow-Headers", "content-type, x-requested-with");
                response.setHeader("Access-Control-Allow-Credentials", "true");
            }else if(originHeader==null){
                chain.doFilter(req,res);
            }
            chain.doFilter(req, res);
  • 相关阅读:
    POJ 1469 COURSES 二分图最大匹配
    POJ 1325 Machine Schedule 二分图最大匹配
    USACO Humble Numbers DP?
    SGU 194 Reactor Cooling 带容量上下限制的网络流
    POJ 3084 Panic Room 求最小割
    ZOJ 2587 Unique Attack 判断最小割是否唯一
    Poj 1815 Friendship 枚举+求最小割
    POJ 3308 Paratroopers 最小点权覆盖 求最小割
    1227. Rally Championship
    Etaoin Shrdlu
  • 原文地址:https://www.cnblogs.com/Java-Starter/p/7603313.html
Copyright © 2011-2022 走看看