And*_*ver 7 glassfish jax-rs http-headers cors
我在JAVA EE7工作,JAX-RS 2.0 Glassfish 4是我的服务器.我想在CORS上工作以使Ajax请求从我的域中出来.我知道我需要让我的服务器启用它.我用PHP做到了.像下面的代码:
<?php header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Headers: Authorization");
但当我尝试做同样的事情时,我总会收到一条错误消息,例如 "这是截图".所以我试图用很多方式修改服务器的http响应......
这是我的代码,服务器端,我使用了文件管理器/提供程序:
@Provider
@CORSBinding
public class Filter implements ContainerRequestFilter{
@Override
public void filter(ContainerRequestContext request) throws IOException {
request.getHeaders().add("Access-Control-Allow-Origin", "*");
request.getHeaders().add("Access-Control-Allow-Headers", "Authorization");
if (request.getMethod().equals("OPTIONS")) {
System.out.println("OPTIONS is requested!!!!!!!!!!!!!");
}
if (request.getMethod().equals("GET")) {
System.out.println("GET is requested!!!!!!!!!!!!!");
}
if (request.getMethod().equals("POST")) {
System.out.println("POST is requested!!!!!!!!!!!!!");
}
if (request.getMethod().equals("DELETE")) {
System.out.println("DELETE is requested!!!!!!!!!!!!!");
}
if (request.getMethod().equals("PUT")) {
System.out.println("PUT is requested!!!!!!!!!!!!!");
}
}
}
但似乎所有人都被Glassfish4服务器提供的"防火墙安全性"所阻止.这是我的简单代码javascript:
<script>
var xhr = new XMLHttpRequest();
xhr.open("POST", "http://127.0.0.1:8080/CV/api/v2/posts");
xhr.setRequestHeader('Authorization', 'a');
xhr.send();
</script>
我甚至使用@Prematching注释添加了另一个过滤器来更新OPTIONS TO POST的请求...但是我总是丢失我在其中发送的标题(我的意思是在POST请求中).
@Provider
@PreMatching
public class HttpMethodOverrideEnabler implements ContainerRequestFilter {
@Override
public void filter(ContainerRequestContext containerRequestContext) throws IOException {
containerRequestContext.setMethod("POST");
containerRequestContext.getHeaders().add("Access-Control-Allow-Origin", "*");
containerRequestContext.getHeaders().add("Access-Control-Allow-Headers","Authorization");
containerRequestContext.getHeaders().add("Access-Control-Allow-Headers","Authorization");
String override = containerRequestContext.getHeaders().getFirst( "X-HTTP-Method-Override");
if (override != null) {
containerRequestContext.setMethod(override);
}
}
我知道Glassfish3不支持CORS和(" https://java.net/jira/browse/GLASSFISH-16049)他们说他们会用JEE7修复它.这就是整个故事......所以怎么能我使用Glassfish服务器和JAX-RS2使用此JEE7进行CORS.提前感谢.
使用ContainerResponseFilter而不是ContainerRequestFilter,因为您希望将这些标头添加到响应中而不是请求中.例如:
@Provider
@Priority(Priorities.HEADER_DECORATOR)
public class AccessControlResponseFilter implements ContainerResponseFilter {
@Override
public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException {
final MultivaluedMap<String,Object> headers = responseContext.getHeaders();
headers.add("Access-Control-Allow-Origin", "*");
headers.add("Access-Control-Allow-Headers", "Authorization, Origin, X-Requested-With, Content-Type");
headers.add("Access-Control-Expose-Headers", "Location, Content-Disposition");
headers.add("Access-Control-Allow-Methods", "POST, PUT, GET, DELETE, HEAD, OPTIONS");
}
}
| 归档时间: |
|
| 查看次数: |
10964 次 |
| 最近记录: |