CORSfilter未按预期工作
我试图从我的Webstorm应用程序发送请求到我的后端应用程序,它们都在不同的端口,我在前端使用angularJS,在后端使用java。 我已经阅读了一些关于CORSfilter的内容,并且我了解到为了做Cross Origin Requests,我需要实现它们。 然而,在做完这个我的错误后,正在
Failed to load resource: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:63343' is therefore not allowed access. http://localhost:8080/register?password=&username= XMLHttpRequest cannot load http://localhost:8080/register?password=&username=. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:63343' is therefore not allowed access.
没有改变导致我相信我做错了什么,这是我发送请求的代码:
var charmanderServices = angular.module('charmanderServices', ['ngResource']); var hostAdress = "http://localhost:8080"; charmanderServices.factory("register", ["$resource", function($resource){ console.log('in service'); return $resource(hostAdress + "/register", {}, { 'registerUser' : { method: 'POST', isArray: false, params: { username: '@username', password: '@password' } }, headers : {'Content-Type' : 'application/x-www-form-urlencoded'} }); } ]);
我的corsFilter写得像这样:
@Component public class SimpleCORSFilter implements Filter { public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException { //This is not even printing System.out.println("Cheers lads, I'm in the filter"); HttpServletResponse response = (HttpServletResponse) res; response.setHeader("Access-Control-Allow-Origin", "*"); response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE"); response.setHeader("Access-Control-Max-Age", "3600"); response.setHeader("Access-Control-Allow-Headers", "x-requested-with, X-Auth-Token, Content-Type"); chain.doFilter(req, res); } public void init(FilterConfig filterConfig) {} public void destroy() {} }
这是我的web.xml:
Project org.springframework.web.context.ContextLoaderListener cors com.robin.filters.SimpleCORSFilter cors /* dispatcherServlet org.springframework.web.servlet.DispatcherServlet contextConfigLocation classpath:/spring/applicationContext.xml 1 dispatcherServlet /
这是我正在捕获请求的控制器:
@Controller public class UserController { @Autowired private UserService userService; @RequestMapping(value = "/register" , method= RequestMethod.POST, produces = "application/json") @ResponseBody public boolean register(@RequestParam(value = "username") String username, @RequestParam(value = "password") String password){ System.out.println("Im in register hurray"); return userService.register(username, password); } }
更新:我已尝试将filter实现为OncePerRequestFilter,仍然无法正常工作。 有人能够在这里帮助我吗?
更新#2:还试过这个, http://software.dzhuvinov.com/cors-filter-installation.html ,没有运气
更新#3:这是我在控制台中的输出,我可以看到响应没有添加任何标头:
Request URL:http://localhost:8080/register?password=g&username=g Request Method:OPTIONS Status Code:200 OK Request Headersview source Accept:*/* Accept-Encoding:gzip,deflate,sdch Accept-Language:en-US,en;q=0.8,nl;q=0.6 Access-Control-Request-Headers:accept, content-type Access-Control-Request-Method:POST Connection:keep-alive Host:localhost:8080 Origin:http://localhost:63343 Referer:http://localhost:63343/Project/index.html?uName=g&uPassword=g&uPasswordConfirm=g User-Agent:Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.152 Safari/537.36 Query String Parametersview sourceview URL encoded password:g username:g Response Headersview source Allow:GET, HEAD, POST, PUT, DELETE, OPTIONS Content-Length:0 Date:Fri, 04 Apr 2014 09:50:35 GMT Server:Apache-Coyote/1.1
更新#4:使用@WebFilter而不是@Component注释filter,没有帮助
更新#5:这是我的applicationContext.xml文件:
com.robin.model org.hibernate.dialect.MySQL5Dialect true create com.robin.model.User
我还在这里添加了我的控制器和register.html文件中的代码:
charmanderControllers.controller('registerController', ['$scope', 'register', function($scope, register){ $scope.username = ''; $scope.password = ''; $scope.register = function () { register.registerUser({'username': $scope.username, 'password': $scope.password}).$promise.then(function(data){ switch(data.response){ case true: //succes $scope.registered = true; $scope.userExists = false; break; case false: //user exists $scope.registered = false; $scope.userExists = true; break; } console.log(data.response); }) }; $scope.checkValidRegister = function (invalid) { console.log(invalid); console.log($scope.passwordConfirm); console.log($scope.password); console.log($scope.username); if (invalid || $scope.password != $scope.passwordConfirm) { console.log("I shouldnt be here"); $scope.validation = true; if ($scope.password != $scope.passwordConfirm) { $scope.passwordError = true; } } else { register(); } }; }]);
register.html
Register now!
您的代码和配置总体上看起来很好,我能够在本地环境中运行它。 请从SimpleCORSFilter
删除@Component注释,因为您将它用作普通的Servletfilter,并且它不需要是Spring上下文的一部分。
UPD。 Tomcat 7有自己的CORSfilter实现 。 您可以查看文档和源代码以获取更多详细信息。 我已修改标头以反映其默认配置,应该按预期工作。
由于您已经在使用Spring,如果您使用的是Spring 4.2或更高版本,则不需要CorsFilter
,但可以使用CrossOrigin
简单地注释您的控制器方法。 这是关于此的优秀文章 ,值得一读。
还请检查描述不同平台的CORS配置的 nice资源。
这是我使用普通Filter实现的工作示例:
控制器:
@Controller public class UserController { private static Logger log = Logger.getAnonymousLogger(); @RequestMapping( value = "/register", method = RequestMethod.POST, consumes = "application/x-www-form-urlencoded") @ResponseBody public String register(@RequestParam(value = "user") String username, @RequestParam(value = "password") String password) { log.info(username + " " + password); return "true"; } }
过滤:
public class CorsFilter implements Filter { private static final Logger log = Logger.getAnonymousLogger(); @Override public void init(FilterConfig filterConfig) throws ServletException { } @Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { log.info("Adding Access Control Response Headers"); HttpServletResponse response = (HttpServletResponse) servletResponse; response.setHeader("Access-Control-Allow-Origin", "*"); response.setHeader("Access-Control-Allow-Credentials", "true"); response.setHeader("Access-Control-Allow-Methods", "POST, GET, HEAD, OPTIONS"); response.setHeader("Access-Control-Allow-Headers", "Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers"); filterChain.doFilter(servletRequest, servletResponse); } @Override public void destroy() { } }
在web.xml中过滤映射:
cors com.udalmik.filter.CorsFilter cors /register
JS从单独的Web应用程序(JQuery)执行请求:
$(document).ready(function() { $('#buttonId').click(function() { $.ajax({ type: "POST", url: "http://localhost:8080/register", success : function(data){ console.log(data); }, data : { user : 'test.user@acme.com', password : 'password' } }); } }
- 部署依赖于rest api的单页面应用程序有哪些技巧?
- 使用http协议,java和javascript下载大文件> 1GB
- 如何使用angular js spring mvc上传多部分文件
- 如何设置Grails和AngularJS部分模板
- 无法从JSON String实例化类型的值; 没有单字符串构造函数/工厂方法
- 运行grunt和tomcat服务器的Web App(Spring,Angular,Grunt,Maven,Tomcat)
- 如何从spring控制器获取angularjs中的模型属性值
- 在预检响应中,Access-Control-Allow-Methods不允许使用方法DELETE
- 如何从AngularJSpost中获取Struts中的数据