码迷,mamicode.com
首页 > 其他好文 > 详细

Tomcat / Nginx 跨域

时间:2017-06-10 20:30:33      阅读:699      评论:0      收藏:0      [点我收藏+]

标签:str   logs   过滤   access   imp   support   repo   ada   class   

*

 tomcat 解决跨域,

1,据说tomcat7.0.40以上才有自带的CrosFilter,在WEB-INF/web.xml中配置即可:

<filter>
        <filter-name>CorsFilter</filter-name>
        <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
        <init-param>
            <param-name>cors.allowed.origins</param-name>
            <param-value>*</param-value>
        </init-param>
        <init-param>
            <param-name>cors.allowed.methods</param-name>
            <param-value>GET,POST,HEAD,OPTIONS,PUT</param-value>
        </init-param>
        <init-param>
            <param-name>cors.allowed.headers</param-name>
            <param-value>Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,yourdefinedname</param-value>
        </init-param>
        <init-param>
            <param-name>cors.exposed.headers</param-name>
            <param-value>Access-Control-Allow-Origin,Access-Control-Allow-Credentials,Access-Control-Allow-Headers</param-value>
        </init-param>
    </filter>
    <filter-mapping>
        <filter-name>CorsFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

2,tomcat7.0.40以下解决跨域,web.xml中

<filter>
        <filter-name>CorsFilter</filter-name>
        <filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class>
        <init-param>
            <param-name>cors.allowOrigin</param-name>
            <param-value>*</param-value>
        </init-param>
        <init-param>
            <param-name>cors.supportedMethods</param-name>
            <param-value>GET, POST, HEAD, PUT, DELETE</param-value>
        </init-param>
        <init-param>
            <param-name>cors.supportedHeaders</param-name>
            <param-value>Accept, Origin, X-Requested-With, Content-Type, Last-Modified,Access-Control-Request-Headers</param-value>
        </init-param>
        <init-param>
            <param-name>cors.exposedHeaders</param-name>
            <param-value>Set-Cookie</param-value>
        </init-param>
        <init-param>
            <param-name>cors.supportsCredentials</param-name>
            <param-value>true</param-value>
        </init-param>
    </filter>
    <filter-mapping>
        <filter-name>CorsFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

,需要引入两个包,如果是用maven,则pom.xml中可以加上下面这句,保存后自动会下载:

<dependency>
            <groupId>com.thetransactioncompany</groupId>
            <artifactId>cors-filter</artifactId>
            <version>1.7</version>
                <scope>runtime</scope>
        </dependency>

技术分享

maven仓库下载地址可以这样配置,{maven_home}/conf/settings.xml:

<mirror>
        <id>sensordata</id>
        <mirrorOf>central</mirrorOf>
        <name>Human Readable Name for this Mirror.</name>
        <url>http://central.maven.org/maven2/</url>
    </mirror> 
    <mirror>
        <id>repo2</id>
        <mirrorOf>central</mirrorOf>
        <name>Human Readable Name for this Mirror.</name>
        <url>http://repo2.maven.org/maven2/</url>
    </mirror> 
    
     <mirror>
        <id>ibiblio1</id>
        <mirrorOf>central</mirrorOf>
        <name>Human Readable Name for this Mirror.</name>
        <url>http://mirrors.ibiblio.org/maven2/</url>
    </mirror>
    <mirror>
      <id>alimaven</id>
      <name>aliyun maven</name>
      <url>http://maven.aliyun.com/nexus/content/groups/public/</url>
      <mirrorOf>central</mirrorOf>        
    </mirror>    
  </mirrors>

3,也可以自定义跨域过滤器,这个应该不针对tomcat版本

第一步,写一个类 CrosFilter.java

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;

public class CrosFilter implements Filter{  
   
@Override  
public void init(FilterConfig filterConfig) throws ServletException {  
// TODO Auto-generated method stub  
   
}  
   
@Override  
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException,  
ServletException {  
HttpServletResponse res = (HttpServletResponse) response;  
res.setContentType("text/html;charset=UTF-8");  
   res.setHeader("Access-Control-Allow-Origin", "*");  
   res.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");  
   res.setHeader("Access-Control-Max-Age", "0");  
   res.setHeader("Access-Control-Allow-Headers", "Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type");  
   res.setHeader("Access-Control-Allow-Credentials", "true");  
   res.setHeader("XDomainRequestAllowed","1");  
   chain.doFilter(request, response);  
}  
   
@Override  
public void destroy() {  
// TODO Auto-generated method stub  
   
}  
   
} 

第二步,在web.xml中配置过滤器

<filter>  
     <filter-name>cros</filter-name>  
     <filter-class>com.zlfund.openapi.webserver.filter.CrosFilter</filter-class>  
    </filter>  
    <filter-mapping>  
     <filter-name>cros</filter-name>  
     <url-pattern>/*</url-pattern>  
    </filter-mapping>  

*********

这几种都可以解决,但是公司预生产就一直存在 跨域,原来它还经过了 nginx,在那里也要配置

server {
    listen 443;
    server_name myapi.com;

    access_log /var/log/nginx/myapiaccess.log myapi_access;
    error_log  /var/log/nginx/myapierror.log;

    more_set_headers "Access-Control-Allow-Origin: $http_origin";
#    more_set_headers "Access-Control-Allow-Credentials : true";
#    more_set_headers "Access-Control-Allow-Methods: GET,POST,HEAD,OPTIONS,PUT";
#    more_set_headers "Access-Control-Expose-Headers: Access-Control-Allow-Headers,Access-Control-Allow-Origin,Access-Control-Allow-Credentials";
#    more_set_headers "Access-Control-Allow-Headers: retdatatype,content-type,access-control-request-headers,accept,access-control-request-method,origin,x-requested-with";
    more_set_headers "Access-Control-Allow-Headers: retdatatype,content-type";

使用的是 https://myapi.com 访问,所以在443 这里配置

 

 

 

 

 

 

 

*

Tomcat / Nginx 跨域

标签:str   logs   过滤   access   imp   support   repo   ada   class   

原文地址:http://www.cnblogs.com/qingmaple/p/6979576.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!