如何配置Lagom框架以处理CORS请求(方法请求“选项”)。
答案 0 :(得分:1)
通过这种方式,我已经为我的一个项目启用了Lagom中的CORS。
在服务类中定义一个方法来处理 OPTIONS 调用。
ServiceCall<NotUsed, Done> options();
在service-impl类中实现该方法。
@Override
public ServiceCall<NotUsed, Done> options() {
return request -> CompletableFuture.completedFuture(Done.getInstance());
}
在描述符中定义选项调用。例如,假设实际的呼叫是
GET /api/v0.1/user
服务描述符应如下所示:
@Override
default Descriptor descriptor() {
// @formatter:off
return named("notification").withCalls(
restCall(Method.GET, "/api/v0.1/user", this::getUser),
restCall(Method.OPTIONS, "/api/v0.1/user", this::options)
).withAutoAcl(true).withHeaderFilter(new CORSHeaderFilter());
// @formatter:on
}
请注意,它使用
附加了标题过滤器.withHeaderFilter(new CORSHeaderFilter())
CORSHeaderFilter类应如下所示。
import com.lightbend.lagom.javadsl.api.transport.HeaderFilter;
import com.lightbend.lagom.javadsl.api.transport.Method;
import com.lightbend.lagom.javadsl.api.transport.RequestHeader;
import com.lightbend.lagom.javadsl.api.transport.ResponseHeader;
public class CORSHeaderFilter implements HeaderFilter {
@Override
public RequestHeader transformClientRequest(RequestHeader request) {
return request;
}
@Override
public RequestHeader transformServerRequest(RequestHeader request) {
return request;
}
@Override
public ResponseHeader transformServerResponse(ResponseHeader response, RequestHeader request) {
ResponseHeader modifiedResponse = response.withHeader("Access-Control-Allow-Origin", "*");
if (Method.OPTIONS.equals(request.method())) {
modifiedResponse = modifiedResponse.withStatus(204).withHeader("Access-Control-Allow-Headers",
"Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With" +
",If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range").
withHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS, PATCH").
withHeader("Access-Control-Max-Age", "1728000");
}
return modifiedResponse;
}
@Override
public ResponseHeader transformClientResponse(ResponseHeader response, RequestHeader request) {
ResponseHeader modifiedResponse = response.withHeader("Access-Control-Allow-Origin", "*");
if (Method.OPTIONS.equals(request.method())) {
modifiedResponse = modifiedResponse.withStatus(204).withHeader("Access-Control-Allow-Headers",
"Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With" +
",If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range").
withHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS, PATCH").
withHeader("Access-Control-Max-Age", "1728000");
}
return modifiedResponse;
}
}
无论何时添加新端点,请确保也添加该端点的 OPTIONS 版本。
答案 1 :(得分:0)
要允许用Java编写的Lagom服务与CORS一起使用,您需要为每个Play实施CORS过滤器:
package example.service.impl
import play.filters.cors.CORSFilter;
import play.http.DefaultHttpFilters;
import javax.inject.Inject;
// See https://playframework.com/documentation/2.5.x/CorsFilter
public class MyCORSFilter extends DefaultHttpFilters {
@Inject
public MyCORSFilter(CORSFilter corsFilter) {
super(corsFilter);
}
}
,然后在您的application.conf中,添加过滤器:
play.http.filters = "example.service.impl.MyCORSFilter"
// To properly setup the CORSFilter, please refer to https://playframework.com/documentation/2.5.x/CorsFilter
// This example is only meant to show what's required for Lagom to use CORS.
play.filters.cors {
// review the values of all these settings to fulfill your needs. These values are not meant for production.
pathPrefixes = ["/api"]
allowedOrigins = null
allowedHttpMethods = null
allowedHttpHeaders = null
exposedHeaders = []
supportsCredentials = false
preflightMaxAge = 6 hour
}
有关更多信息,请参见example CORS service和Play docs。