有人知道如何直接在Payara服务器(或glassfish)中为某些域启用CORS吗?
我正在使用Payara服务器4.1.1.171.1。
我有一个在localhost:3000上运行的应用程序,该应用程序需要与Payara服务器通信,但我不断收到CORS错误。
我发现大多数链接只是说要将域(即localhost)添加到响应头中,例如:
response.addHeader(“ Access-Control-Allow-Origin”,“ localhost”);
并且我已经在我的Java代码中完成了它,并且可以正常工作。但是我想知道如何直接在服务器中更新Payara(或glassfish)来做到这一点。因为我已经看到人们提出了建议这样做(即更新服务器配置文件以允许在某些域使用CORS)。这样,Java代码就不必在上面专门添加标头内容。
但是这些建议给出了非Glassfish或Payara的服务器示例。
即使这个CORS链接https://enable-cors.org/server.html列出了20多个关于如何启用CORS的服务器/平台,但Payara或Glassfish都不是。
有人知道怎么做吗?
谢谢!
答案 0 :(得分:1)
您需要为每个呼叫创建一个拦截器,您必须在其中添加更多标头。在某些条件下,您需要。请看下面的代码:
import javax.ws.rs.HttpMethod;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerResponseContext;
import javax.ws.rs.container.ContainerResponseFilter;
import javax.ws.rs.container.PreMatching;
import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.ext.Provider;
@Provider
@PreMatching
public class CorsResponseFilter implements ContainerResponseFilter {
public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) {
String origin = requestContext.getHeaderString("Origin");
if ((origin != null)
&& origin.startsWith("http://localhost:4200") || origin.startsWith("http://localhost:8080"))) {
allowExceptionCors(requestContext, responseContext, origin);
}
}
private void allowExceptionCors(ContainerRequestContext requestContext, ContainerResponseContext responseContext, String origin) {
String methodHeader = requestContext.getHeaderString("Access-Control-Request-Method");
String requestHeaders = requestContext.getHeaderString("Access-Control-Request-Headers");
MultivaluedMap<String, Object> headers = responseContext.getHeaders();
headers.putSingle("Access-Control-Allow-Origin", origin);
headers.putSingle("Access-Control-Allow-Credentials", "true");
headers.putSingle("Access-Control-Allow-Methods", methodHeader);
headers.putSingle("Access-Control-Allow-Headers", "x-requested-with," + (requestHeaders == null ? "" : requestHeaders));
}
}
答案 1 :(得分:1)
要进行更多 open cors过滤,可以使用以下命令:
testDF来自Adam Bien在GitHub上的import java.io.IOException;
import java.util.List;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerResponseContext;
import javax.ws.rs.container.ContainerResponseFilter;
import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.ext.Provider;
@Provider
public class CorsResponseFilter implements ContainerResponseFilter {
public static final String ALLOWED_METHODS = "GET, POST, PUT, DELETE, OPTIONS, HEAD";
public final static int MAX_AGE = 42 * 60 * 60;
public final static String DEFAULT_ALLOWED_HEADERS = "origin,accept,content-type";
public final static String DEFAULT_EXPOSED_HEADERS = "location,info";
@Override
public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException {
final MultivaluedMap<String, Object> headers = responseContext.getHeaders();
headers.add("Access-Control-Allow-Origin", "*");
headers.add("Access-Control-Allow-Headers", getRequestedAllowedHeaders(requestContext));
headers.add("Access-Control-Expose-Headers", getRequestedExposedHeaders(requestContext));
headers.add("Access-Control-Allow-Credentials", "true");
headers.add("Access-Control-Allow-Methods", ALLOWED_METHODS);
headers.add("Access-Control-Max-Age", MAX_AGE);
headers.add("x-responded-by", "cors-response-filter");
}
String getRequestedAllowedHeaders(ContainerRequestContext responseContext) {
List<String> headers = responseContext.getHeaders().get("Access-Control-Allow-Headers");
return createHeaderList(headers, DEFAULT_ALLOWED_HEADERS);
}
String getRequestedExposedHeaders(ContainerRequestContext responseContext) {
List<String> headers = responseContext.getHeaders().get("Access-Control-Expose-Headers");
return createHeaderList(headers, DEFAULT_EXPOSED_HEADERS);
}
String createHeaderList(List<String> headers, String defaultHeaders) {
if (headers == null || headers.isEmpty()) {
return defaultHeaders;
}
StringBuilder retVal = new StringBuilder();
for (int i = 0; i < headers.size(); i++) {
String header = (String) headers.get(i);
retVal.append(header);
retVal.append(',');
}
retVal.append(defaultHeaders);
return retVal.toString();
}
}
项目