乐趣区

解决ajax跨域请求问题

自己做网站的时候,经常遇到跨域问题,下面是平时多次实践总结出的解决方法,大家有什么更好的思路,可以相互交流下~
XMLHttpRequest cannot load http://www.imooc.com/data/che… No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin ‘http://localhost:8080’ is therefore not allowed access.
解决方法:跨源问题,添加 cors。
1.filter 或者 servlet 里面添加 response.setHeader(“Access-Control-Allow-Origin”, ““);2.response.setHeader(“Access-Control-Allow-Origin”, ““); 放到接收客户端 api 的地方
3. 如果是 servlet 的话就放到 get 或者 post 方法里面,jsp 页面就扔到第一行
4. 如果是 filter 部署就扔到 dofilter()

———————————springmvc———————————

添加 SimpleCORSFilter.java

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;

import org.springframework.stereotype.Component;

@Component
public class SimpleCORSFilter implements Filter {public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {HttpServletResponse response = (HttpServletResponse) res;
        response.setHeader("Access-Control-Allow-Origin", "*");
        response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
        response.setHeader("Access-Control-Max-Age", "3600");
        response.setHeader("Access-Control-Allow-Headers", "x-requested-with");
         //response.setHeader("Access-Control-Allow-Headers", "Content-Type");

                                                                                                        // response.setContentType("text/html;charset=UTF-8");
           // response.setHeader("Access-Control-Allow-Origin", "*");
           // response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
           // response.setHeader("Access-Control-Max-Age", "0");
           // response.setHeader("Access-Control-Allow-Headers", "Authentication, Origin, Accept, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, token");
           // response.setHeader("Access-Control-Allow-Credentials", "true");
           // response.setHeader("XDomainRequestAllowed","1");

        chain.doFilter(req, res);
    }

    public void init(FilterConfig filterConfig) {}

    public void destroy() {}

}

web.xml 添加

<filter>
    <filter-name>SimpleCORSFilter</filter-name>
    <filter-class>com.zhcs.context.SimpleCORSFilter</filter-class>
</filter>
<filter-mapping>
    <filter-name>SimpleCORSFilter</filter-name>
    <url-pattern>/app/*</url-pattern>
</filter-mapping>

————————————–OR————————————-

添加 CorsConfigureAdapter.java

import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.CorsRegistry;
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;

@Configuration
@EnableWebMvc
public class CorsConfigureAdapter extends WebMvcConfigurerAdapter {
    @Override
    public void addCorsMappings(CorsRegistry registry) {super.addCorsMappings(registry);
        registry.addMapping("/**");
    }
}

在 Controller 上或方法上使用 @CrossOrigin 注解

@CrossOrigin(maxAge = 3600)

————————————–xml————————————-

<mvc:cors>
    <mvc:mapping path="/**" />
</mvc:cors>
<mvc:cors>
    <mvc:mapping path="/api/**" allowed-origins="http://domain1.com, http://domain2.com" allowed-methods="GET, PUT" allowed-headers="header1, header2, header3" exposed-headers="header1, header2" allow-credentials="false" max-age="123" />
    <mvc:mapping path="/resources/**" allowed-origins="http://domain1.com" />
</mvc:cors>

————————————–Nginx 支持跨域请求 ————————————–

location /{
    add_header 'Access-Control-Allow-Origin' 'http://other.subdomain.com';
    add_header 'Access-Control-Allow-Credentials' 'true';
    add_header 'Access-Control-Allow-Methods' 'GET'; 
    ...
    the rest of your configuration here
    ...
}
退出移动版