zoukankan      html  css  js  c++  java
  • Java设置接口跨域

             现在我们很多项目都是基于Java的REST结构风格前后端分离,在前端访问后端的时候就存在跨域,这个时候后端接口不处理就会存在访问不了。上代码!

      1、创建一个Filter 在web.xml中配置

    <filter>
            <filter-name>xssAndSqlFilter</filter-name>
            <filter-class>com.tzdr.btc.user.filter.XssAndSqlFilter</filter-class>
            <!--过滤掉 静态资源文件 指定字符串  多个值用英文逗号隔开-->
            <init-param>
                <param-name>excludedPages</param-name>
                <param-value>/tesra/</param-value>
            </init-param>
        </filter>
        <filter-mapping>
            <filter-name>xssAndSqlFilter</filter-name>
            <url-pattern>/*</url-pattern>
        </filter-mapping>

      2、在Filter的doFiler方法中添加设置

    @Override  
        public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {  
            boolean isExcludedPage = Boolean.TRUE;
            HttpServletResponse httpResponse = (HttpServletResponse) response;
            HttpServletRequest request1 = (HttpServletRequest) request;
            //*表示允许所有域名跨域
            httpResponse.setHeader("Access-Control-Allow-Origin", request1.getHeader("Origin"));
            httpResponse.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
            httpResponse.setHeader("Access-Control-Max-Age", "0");
            httpResponse.setHeader("Access-Control-Allow-Headers", "Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With,userId,token,Access-Control-Allow-Headers");
            httpResponse.setHeader("Access-Control-Allow-Credentials", "true");//这个是设置运行携带cookie
            httpResponse.setHeader("XDomainRequestAllowed","1");
            //判断是否在过滤url之外
            for (String page : excludedPageArray) {
                if(((HttpServletRequest) request).getServletPath().contains(page)){
                    isExcludedPage = Boolean.FALSE;
                    break;
                }
            }
            //在过滤url之外
            if (isExcludedPage) {
                XssAndSqlHttpServletRequestWrapper xssRequest = new XssAndSqlHttpServletRequestWrapper((HttpServletRequest) request);
                chain.doFilter(xssRequest, response);
            }
            else{
                chain.doFilter(request, response);
            }
        }

    这样完成以后 再访问接口就能成功访问了。

    QQ群号:216868740

  • 相关阅读:
    WBS分析
    需求分析-NABCD
    电梯演讲--2048小游戏
    Git diff 算法
    2020 北京理工大学889 回忆
    抖音后台开发社招面试
    珍宝阁
    2018 北京理工大学复试上机 回忆版
    2018 北京理工大学889 回忆
    做一个博客
  • 原文地址:https://www.cnblogs.com/tangyin/p/9934885.html
Copyright © 2011-2022 走看看