欢迎光临
一个有态度、有温度的分享型博客

access-control-allow-origin跨域错误解决办法

ajax请求报错:

No'Access-Control-Allow-Origin' header is present on the requested resourse.Origin 'http//localhost:8088' is therefore not allowed access.

解决办法有三种:

1.不需要额外jar包:

在web.xml里进行配置:

<filter>
  <filter-name>CorsFilter</filter-name>
  <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
  <init-param>
    <param-name>cors.allowed.origins</param-name>
    <param-value>*</param-value>
  </init-param>
  <init-param>
    <param-name>cors.allowed.methods</param-name>
    <param-value>GET,POST,HEAD,OPTIONS,PUT</param-value>
  </init-param>
  <init-param>
    <param-name>cors.allowed.headers</param-name>
    <param-value>Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Access-Control-Allow-Origin,Access-Control-Allow-Credentials</param-value>
  </init-param>
  <init-param>
    <param-name>cors.support.credentials</param-name>
    <param-value>true</param-value>
  </init-param>
  <init-param>
    <param-name>cors.preflight.maxage</param-name>
    <param-value>10</param-value>
  </init-param>
</filter>
<filter-mapping>
  <filter-name>CorsFilter</filter-name>
  <url-pattern>/*</url-pattern>
</filter-mapping>

配置项未验证,需要根据自己的需要进行配置。

文件参考:http://tomcat.apache.org/tomcat-7.0-doc/config/filter.html#CORS_Filter

2.需要的jar包

  • cors-filter-1.7.jar;
  • java-property-utils-1.7.1.jar;
    <filter>
        <filter-name>CORS</filter-name>
        <filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class>
        <init-param>
            <param-name>cors.supportedHeaders</param-name>
            <param-value>Content-Type,Accept,Origin</param-value>
        </init-param>
        <init-param>
            <param-name>cors.supportedMethods</param-name>
            <param-value>GET, POST, HEAD, PUT, DELETE, OPTIONS</param-value>
        </init-param>
    </filter>
    <filter-mapping>
        <filter-name>CORS</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

此项配置未验证

3.自定义过滤器

web.xml文件配置

  <filter>
        <filter-name>cors</filter-name>
        <filter-class>com.cdsoft.mcm.sso.filter.MyCORSFilter</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>cors</filter-name>
        <url-pattern>*.do</url-pattern>
    </filter-mapping>

自定义过滤器Java代码:

package com.cdsoft.mcm.sso.filter;

import org.springframework.web.filter.OncePerRequestFilter;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

public class MyCORSFilter extends OncePerRequestFilter {
    @Override
    protected void doFilterInternal(HttpServletRequest request,
                                    HttpServletResponse response, FilterChain filterChain)
            throws ServletException, IOException {

        // CORS "pre-flight" request
        response.addHeader("Access-Control-Allow-Origin", "*");
        response.addHeader("Access-Control-Allow-Methods",
                "GET, POST, PUT, DELETE");
        response.addHeader("Access-Control-Allow-Headers", "Content-Type");
        response.addHeader("Access-Control-Max-Age", "1800");// 30 min

        filterChain.doFilter(request, response);
    }
}

我是用这种方式解决的,如果你进行上述配置后发现还是不可以,检查是否配置了其他过滤器,我这里就是因为shiro权限过滤器的原因导致一致请求无法访问。

参考文章:

  1. tomcat添加跨域访问功能-Access-Control-Allow-Origin:*
  2. 解决“No ‘Access-Control-Allow-Origin’ header is present on the requested resource
  3. Container Provided Filters

评论 抢沙发

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址