CROSS_DOMAIN=http://localhost:3000,http://youjiacn.com:3000,http://www.youjiacn.com:3000
HttpServletResponse httpResponse = (HttpServletResponse)response;
HttpServletRequest httpRequest = (HttpServletRequest)request;
String[] crossDomains = ConfigUtil.getInstant().getValue(Constant.CROSS_DOMAIN).split(",");
LOG.info("allow domains is :" + Arrays.asList (crossDomains));
Set<String> originsDomains = new HashSet<String>(Arrays.asList (crossDomains));
if(originsDomains.contains(httpRequest.getHeader("Origin"))){
httpResponse.addHeader("Access-Control-Allow-Origin", httpRequest.getHeader("Origin"));
}
httpResponse.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
httpResponse.setHeader("Access-Control-Max-Age", "3600");
httpResponse.setHeader("Access-Control-Allow-Headers", "Origin,X-Requested-With,Content-Type, Accept, Authorization");
httpResponse.setHeader("Access-Control-Allow-Credentials","true");