为什么不能在以下演示中打开链接:http:
//html5-demos.appspot.com/static/a.download.html
您甚至无法右键单击并在新选项卡/窗口中打开它.我需要自定义浏览器中的任何设置吗?
我刚开始使用Cross Origin Resource Sharing并尝试让我的webapp响应CORS请求.我的webapp是在Tomcat 7.0.42上运行的Spring 3.2应用程序.
在我的webapp的web.xml中,我启用了Tomcat CORS过滤器:
<!-- Enable CORS (cross origin resource sharing) -->
<!-- http://tomcat.apache.org/tomcat-7.0-doc/config/filter.html#CORS_Filter -->
<filter>
<filter-name>CorsFilter</filter-name>
<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CorsFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
我的客户端(使用AngularJS 1.2.12编写)正在尝试访问启用了基本身份验证的REST端点.当它发出GET请求时,Chrome首先预检请求,但是从服务器收到403 Forbidden响应:
Request URL:http://dev.mydomain.com/joeV2/users/listUsers
Request Method:OPTIONS
Status Code:403 Forbidden
Request Headers:
OPTIONS /joeV2/users/listUsers HTTP/1.1
Host: dev.mydomain.com
Connection: keep-alive
Cache-Control: max-age=0
Access-Control-Request-Method: GET
Origin: http://localhost:8000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.107 Safari/537.36
Access-Control-Request-Headers: accept, authorization
Accept: */*
Referer: http://localhost:8000/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Response Headers:
HTTP/1.1 …