SSM跨域拦截设置

复制代码
 1 package com.donleo.ssm.filter;
 2 
 3 import javax.servlet.*;
 4 import javax.servlet.http.HttpServletRequest;
 5 import javax.servlet.http.HttpServletResponse;
 6 import java.io.IOException;
 7 
 8 /**
 9  * @author liangd
10  * date 2020-11-17 17:05
11  * code 跨域设置
12  */
13 public class CrossDomainFilter implements Filter {
14     private boolean isCross = false;
15 
16     @Override
17     public void destroy() {
18         isCross = false;
19     }
20 
21     @Override
22     public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
23             throws IOException, ServletException {
24         if (isCross) {
25             HttpServletRequest httpServletRequest = (HttpServletRequest) request;
26             HttpServletResponse httpServletResponse = (HttpServletResponse) response;
27             System.out.println("拦截请求: " + httpServletRequest.getServletPath());
28             httpServletResponse.setHeader("Access-Control-Allow-Origin", "*");
         //允许cookie跨域设置
         //httpServletResponse.setHeader("Access-Control-Allow-Origin", httpServletRequest.getHeader("Origin"));
29             httpServletResponse.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
30             httpServletResponse.setHeader("Access-Control-Max-Age", "0");
31             httpServletResponse.setHeader("Access-Control-Allow-Headers",
32                     "Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With,userId,token");
33             httpServletResponse.setHeader("Access-Control-Allow-Credentials", "true");
34             httpServletResponse.setHeader("XDomainRequestAllowed", "1");
35         }
36         chain.doFilter(request, response);
37     }
38 
39     @Override
40     public void init(FilterConfig filterConfig) throws ServletException {
41         String isCrossStr = filterConfig.getInitParameter("IsCross");
42         isCross = isCrossStr.equals("true") ? true : false;
43         System.out.println(isCrossStr);
44     }
45 }
复制代码

 

  • 如果前端设了允许跨域携带cookie,服务器可能会报错:需要制定一个具体的请求源,
  • httpServletRequest.getHeader("Origin") 方法直接获取请求源的地址;
  • 例如,发送求的地址是:localhost:8058,那么httpServletRequest.getHeader("Origin")就会获得localhost:8058
  • 意思就是:谁来请求我,我就允许谁请求。

前端Ajax发送请求

复制代码
 1 function MyAjax(url,data,type,callback) {
 2    let user=$.cookie("token")
 3    $.ajax({
 4        url:URL+url,
 5        type:type,
 6        contentType:"application/json; charset=utf-8",
 7        headers:{
 8            "Authorization":$.cookie("token")
 9       },
10        dataType:"json",
11        data:data,
12        //
13        xhrFields: {
14            withCredentials: true //允许跨域带Cookie
15       },
16        success:function (res) {
17            AssertToken(res)
18            callback(res);
19            // console.log(res)
20       },
21        error:function (err) {
22            // console.log(err)
23       }
24   })
25 }
复制代码

 

posted @   donleo123  阅读(310)  评论(0编辑  收藏  举报
编辑推荐:
· 开发者必知的日志记录最佳实践
· SQL Server 2025 AI相关能力初探
· Linux系列:如何用 C#调用 C方法造成内存泄露
· AI与.NET技术实操系列(二):开始使用ML.NET
· 记一次.NET内存居高不下排查解决与启示
阅读排行:
· Manus重磅发布:全球首款通用AI代理技术深度解析与实战指南
· 被坑几百块钱后,我竟然真的恢复了删除的微信聊天记录!
· 没有Manus邀请码?试试免邀请码的MGX或者开源的OpenManus吧
· 园子的第一款AI主题卫衣上架——"HELLO! HOW CAN I ASSIST YOU TODAY
· 【自荐】一款简洁、开源的在线白板工具 Drawnix
点击右上角即可分享
微信分享提示