跨域问题
报错信息为:post request is No ‘Access-Control-Allow-Origin’ header is present on the requested resource.
原因:例如我们需要在A网址获取B网的资源,由于A,B不在同一个域名之中导致出现了跨域访问资源的情况。在浏览器的协议中,默认这样的访问是不安全的。跨域访问被认为违反了同源策略,它规定只能访问跟他html同源的资源
跨域限制是浏览器行为,不是服务器行为。 浏览器认为地址栏输入时安全的,所以不限制认为是跨域。
如何解决跨域问题:在后台添加过滤器,在需要跨域的请求体头部添加Header属性
首先新建过滤器的类
package com.jfly.apps.restful.springmvc;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;
public class CORSInterceptor implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
throws IOException, ServletException {
HttpServletResponse response = (HttpServletResponse) servletResponse;
String origin = (String) servletRequest.getRemoteHost() + ":" + servletRequest.getRemotePort();
response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "x-requested-with,Authorization,Content-Type");
response.setHeader("Access-Control-Allow-Credentials", "true");
filterChain.doFilter(servletRequest, servletResponse);
}
@Override
public void destroy() {
}
}
其次在web.xml中配置过滤器,完成
<filter>
<filter-name>CORSInterceptor</filter-name>
<filter-class>com.jfly.apps.restful.springmvc.CORSInterceptor</filter-class>
</filter>
<filter-mapping>
<filter-name>CORSInterceptor</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>