欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页

java SSM 解决跨域问题

程序员文章站 2022-07-10 09:42:48
...

1.什么是跨域请求

由于浏览器同源策略,凡是发送请求url的协议、域名、端口三者之间任意一与当前页面地址不同即为跨域。具体可以查看下表

java SSM 解决跨域问题

2.解决跨域请求

1. 新建一个过滤器,并实现 Filter 接口

package hbsi.yfzx.filter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
 * 解决SSM跨域问题
 * @author lzch
 *
 */
public class SimpleCORSFilter implements Filter {
    private boolean isCross = false;

    public void destroy() {
        isCross = false;
    }

    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        if (isCross) {
            HttpServletRequest httpServletRequest = (HttpServletRequest) request;
            HttpServletResponse httpServletResponse = (HttpServletResponse) response;
            System.out.println("拦截请求: " + httpServletRequest.getServletPath());
            httpServletResponse.setHeader("Access-Control-Allow-Origin", "*");
            httpServletResponse.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
            httpServletResponse.setHeader("Access-Control-Max-Age", "0");
            httpServletResponse.setHeader("Access-Control-Allow-Headers",
                    "Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With,userId,token");
            httpServletResponse.setHeader("Access-Control-Allow-Credentials", "true");
            httpServletResponse.setHeader("XDomainRequestAllowed", "1");
        }
        chain.doFilter(request, response);
    }

    public void init(FilterConfig filterConfig) throws ServletException {
        String isCrossStr = filterConfig.getInitParameter("IsCross");
        isCross = isCrossStr.equals("true") ? true : false;
        System.out.println(isCrossStr);
    }



}

2.在web.xml中配置

<!-- 跨域请求 -->
	<filter>
		<filter-name>SimpleCORSFilter</filter-name>
		<filter-class>hbsi.yfzx.filter.SimpleCORSFilter</filter-class>
		<init-param>
			<param-name>IsCross</param-name>
			<param-value>true</param-value>
		</init-param>
	</filter>
	<filter-mapping>
		<filter-name>SimpleCORSFilter</filter-name>
		<url-pattern>/*</url-pattern>
	</filter-mapping>

3.. 在

<!-- 接口跨域配置 -->  
      <mvc:cors>  
          <mvc:mapping path="/**"  
                       allowed-origins="*"  
                       allowed-methods="POST, GET, OPTIONS, DELETE, PUT"  
                       allowed-headers="Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With"  
                       allow-credentials="true" />  
      </mvc:cors>  

StringMVC 的配置文件中配置跨域请求