Home > Java > javaTutorial > Sample code sharing on how Cors implements fully cross-domain java backend

Sample code sharing on how Cors implements fully cross-domain java backend

黄舟
Release: 2017-05-28 09:30:14
Original
1932 people have browsed it

This article mainly introduces the complete cross-domain example of Cors' implementation of java backend. The editor thinks it is quite good, so I will share it with you now and give it as a reference. Let’s follow the editor and take a look.

http://www.jb51.net/article/114838.htm This article introduces the cross-domain of JS in detail, giving The solution is spring boot. If you don’t use spring boot or the spring version is lower than 4.2, you need to implement it yourself;

refers to the implementation of spring boot and is simplified. The code is as follows:

package com.lvluo.web.filter.CorsFilter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.http.HttpHeaders;

public class CorsFilter implements Filter {

 public static final String ACCESS_CONTROL_REQUEST_METHOD = "Access-Control-Request-Method";

 public static final String OPTIONS = "OPTIONS";

 public void doFilter(ServletRequest request, ServletResponse response,
  FilterChain chain) throws IOException, ServletException {

 HttpServletRequest httpRequest = (HttpServletRequest) request;
 HttpServletResponse httpResponse = (HttpServletResponse) response;

 if (isCorsRequest(httpRequest)) {
  httpResponse.setHeader("Access-Control-Allow-Origin", "*");
  httpResponse.setHeader("Access-Control-Allow-Methods",
   "POST, GET, PUT, DELETE");
  httpResponse.setHeader("Access-Control-Allow-Credentials", "true");
  // response.setIntHeader("Access-Control-Max-Age", 1728000);
  httpResponse
   .setHeader(
    "Access-Control-Allow-Headers",
    "Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding, Authorization");
  if (isPreFlightRequest(httpRequest)) {
  return;
  }
 }
 chain.doFilter(request, response);
 }

 public void init(FilterConfig filterConfig) {
 }

 public void destroy() {
 }

 public boolean isCorsRequest(HttpServletRequest request) {
 return (request.getHeader(HttpHeaders.ORIGIN) != null);
 }

 /**
 * Returns {@code true} if the request is a valid CORS pre-flight one.
 */
 public boolean isPreFlightRequest(HttpServletRequest request) {
 return (isCorsRequest(request) && OPTIONS.equals(request.getMethod()) && request
  .getHeader(ACCESS_CONTROL_REQUEST_METHOD) != null);
 }
}
Copy after login

Then configure the filter in web.xml

 <filter>
  <filter-name>corsFilter</filter-name>
  <filter-class>com.lvluo.web.filter.CorsFilter</filter-class>
 </filter>
 <filter-mapping>
  <filter-name>corsFilter</filter-name>
  <url-pattern>/api/*</url-pattern>
 </filter-mapping>
Copy after login

The JS code for the front-end test, in which the client's

$.ajax({
  headers : {
   &#39;Authorization&#39; :&#39;Bearer iBoxSO9QdrHR0&#39; 
  },
  url: &#39;http://localhost:8080/service/api/ping&#39;,
  type: &#39;GET&#39;,
  dataType: &#39;json&#39;,
  success : function(result){
   $("#result").html(result.code);
  }
  })
Copy after login

The above is the detailed content of Sample code sharing on how Cors implements fully cross-domain java backend. For more information, please follow other related articles on the PHP Chinese website!

Related labels:
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template