关于cookie跨域问题

java 后台:

Cookie cookie = new Cookie("userName","lisi");
//String string = "168.0.107";
//cookie.setDomain(string);
cookie.setDomain("localhost");
cookie.setPath("/");
cookie.setMaxAge(3600);
response.addCookie(cookie);

cookie跨域请求时,主要时设置domain问题;也就是域名。

请求:http://192.168.0.107:8088/showLogin

cookie.setDomain(“192.168.0.107”);

如果本地请求:http://localhost:8088/showLogin

设置domain为:cookie.setDomain(“localhost”);若设置为cookie.setDomain(“192.168.0.107”);页面得不到cookie;

-------------------------------------

Java跨域不能返回,在拦截的doFiter需要设置reponse相关信息:

 @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain) throws IOException, ServletException {
        //To change body of implemented methods use File | Settings | File Templates.
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        String prefix = BaseUtils.getServerSuffixPath(request);
        String reqUrl = request.getRequestURL().toString();
    //允许跨域
        String origin = request.getHeader("Origin");
        response.setHeader("Access-Control-Allow-Origin", origin);
        //response.setHeader("Access-Control-Allow-Origin", "*");
        response.setHeader("Access-Control-Allow-Methods",
                "GET, POST, PUT, DELETE, OPTIONS");
        response.setHeader("Access-Control-Allow-Credentials", "true");
        response.setHeader("Access-Control-Allow-Headers",
                "Origin, X-Requested-With, Content-Type, Accept, Authorization");
        //非过滤的url
        for (String url : noFilterUrls) {
            if (reqUrl.startsWith(prefix + url)) {
                chain.doFilter(request, response);
                return;
            }
        }
        //判断用户是否登录
        Cookie[] cookies = request.getCookies();
        for(Cookie cookie : cookies){
            String cookieName = cookie.getName();
            //后台管理系统
            if(cookieName.equals("COOKIE_TOKEN_BACK")){
                String token = "USER_MANAGER:"+cookie.getValue();
                String user = stringRedisTemplate.opsForValue().get(token);
                if(user != null){
                    //重置redis有效时间

                    stringRedisTemplate.expire(token, 1800, TimeUnit.SECONDS);
                    chain.doFilter(request, response);
                    return;
                }
            }
            //手机端
            if(cookieName.equals("COOKIE_TOKEN_PHONE")){
                String token = "USER_PHONE:"+cookie.getValue();
                String phone = stringRedisTemplate.opsForValue().get(token);
                if(!StringUtils.isBlank(phone)){
                    //重置redis有效时间
                    stringRedisTemplate.expire(token, 1800, TimeUnit.SECONDS);
                    chain.doFilter(request, response);
                    return;
                }
            }

        }

        if (reqUrl.startsWith(prefix + LOGIN_URL)) {
            chain.doFilter(request, response);
        } else {
            String ajaxRequest = request.getHeader("X-Requested-With");
            if (ajaxRequest != null && ajaxRequest.equalsIgnoreCase("XMLHttpRequest")) {
                response.setHeader("session_status", "timeout");
            } else {
                //response.sendRedirect(prefix + "login.htm");
                response.sendRedirect(prefix + "login");
            }
        }
    }

  

 

posted on 2019-07-02 22:09  lazyli  阅读(646)  评论(0编辑  收藏  举报
Copyright © 2024 lazyli
Powered by .NET 8.0 on Kubernetes Powered by: 博客园