1. 程式人生 > >Java設置接口跨域

Java設置接口跨域

path 允許 ins 結構 pragma void ken exp exception

現在我們很多項目都是基於Java的REST結構風格前後端分離,在前端訪問後端的時候就存在跨域,這個時候後端接口不處理就會存在訪問不了。上代碼!

  1、創建一個Filter 在web.xml中配置

<filter>
        <filter-name>xssAndSqlFilter</filter-name>
        <filter-class>com.tzdr.btc.user.filter.XssAndSqlFilter</filter-class>
        <!--過濾掉 靜態資源文件 指定字符串  多個值用英文逗號隔開
--> <init-param> <param-name>excludedPages</param-name> <param-value>/tesra/</param-value> </init-param> </filter> <filter-mapping> <filter-name>xssAndSqlFilter</filter-name> <url-pattern
>/*</url-pattern> </filter-mapping>

2、在Filter的doFiler方法中添加設置

@Override  
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {  
        boolean isExcludedPage = Boolean.TRUE;
        HttpServletResponse httpResponse 
= (HttpServletResponse) response; HttpServletRequest request1 = (HttpServletRequest) request; //*表示允許所有域名跨域 httpResponse.setHeader("Access-Control-Allow-Origin", request1.getHeader("Origin")); httpResponse.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE"); httpResponse.setHeader("Access-Control-Max-Age", "0"); httpResponse.setHeader("Access-Control-Allow-Headers", "Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With,userId,token,Access-Control-Allow-Headers"); httpResponse.setHeader("Access-Control-Allow-Credentials", "true");//這個是設置運行攜帶cookie httpResponse.setHeader("XDomainRequestAllowed","1"); //判斷是否在過濾url之外 for (String page : excludedPageArray) { if(((HttpServletRequest) request).getServletPath().contains(page)){ isExcludedPage = Boolean.FALSE; break; } } //在過濾url之外 if (isExcludedPage) { XssAndSqlHttpServletRequestWrapper xssRequest = new XssAndSqlHttpServletRequestWrapper((HttpServletRequest) request); chain.doFilter(xssRequest, response); } else{ chain.doFilter(request, response); } }

這樣完成以後 再訪問接口就能成功訪問了。

QQ群號:216868740

Java設置接口跨域