import java.io.IOException;
import java.util.Arrays;
import java.util.List;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.annotation.WebInitParam;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.core.annotation.Order;
import com.alibaba.druid.util.StringUtils;
/*
* 跨域过滤器
*/
//为过滤器命名 //过滤器作用范围
@WebFilter(filterName="CrosFilter",urlPatterns="/*",
//设置过滤器初始值
initParams={@WebInitParam (name="allowOrigin",value="*"),
@WebInitParam (name="allowMethods",value="GET,POST,PUT,DELETE,OPTIONS"),
@WebInitParam (name="allowCredentials",value="true"),
@WebInitParam (name="allowHeaders",value="Origin, X-Requested-With, Content-Type, Accept")
})
@Order(1)//指定过滤器的执行顺序,值越大越靠后执行
public class CrosFilter implements Filter{
private String allowOrigin;
private String allowMethods;
private String allowCredentials;
private String allowHeaders;
//过滤器初始化方法
public void init(FilterConfig filterConfig) throws ServletException {
allowOrigin = filterConfig.getInitParameter("allowOrigin");
allowMethods = filterConfig.getInitParameter("allowMethods");
allowCredentials = filterConfig.getInitParameter("allowCredentials");
allowHeaders = filterConfig.getInitParameter("allowHeaders");
System.out.println("跨域过滤器初始化完毕!");
}
//调用过滤器时,用到的方法
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
System.out.println("aaa");
//强转,为了调用setHeader方法
HttpServletRequest httpRequest = (HttpServletRequest) request;
HttpServletResponse httpResponse = (HttpServletResponse) response;
//判断请求,设置响应头
if(!StringUtils.isEmpty(allowOrigin)) {
if(allowOrigin.equals("*")) {
httpResponse.setHeader("Access-Control-Allow-Origin", allowOrigin);
}else {
List<String> allowOriginList = Arrays.asList(allowOrigin.split(","));
if(allowOriginList != null && allowOriginList.size()>0) {
String currentOrigin = httpRequest.getHeader("origin");
if(allowOriginList.contains(currentOrigin)) {
httpResponse.setHeader("Access-Control-Allow-Origin",currentOrigin);
}
}
}
}
if(!StringUtils.isEmpty(allowMethods)) {
httpResponse.setHeader("Access-Control-Allow-Methods", allowMethods);
}
if(!StringUtils.isEmpty(allowCredentials)) {
httpResponse.setHeader("Access-Control-Allow-Credentials", allowCredentials);
}
if(!StringUtils.isEmpty(allowHeaders)) {
httpResponse.setHeader("Access-Control-Allow-Headers", allowHeaders);
}
//调用过滤器
chain.doFilter(request, response);
}
//过滤器销毁方法
public void destroy() {
System.out.println("跨域过滤器已销毁!");
}
}