关于跨域资源访问请参考 http://en.wikipedia.org/wiki/Cross-origin_resource_sharing ,基本原理是在Spring Controller的每一个请求返回的时候都加上Access-Control-...header,需要注意的是并不是所有的浏览器都支持这些header,使用之前要先了解清楚。
实现起来也很简单那就是Interceptor,代码如下:
public class AccessKeyInterceptor extends HandlerInterceptorAdapter {
private static Log log=LogFactory.getLog(AccessKeyInterceptor.class);
@Autowired
private IAccessService accessService;
private String accessKeyParameterName="accessKey";
private List<String> defaultAccessAllowedFrom;
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
String accessKey=request.getParameter(accessKeyParameterName);
String referer = request.getHeader("Referer");
URL u = new URL(referer);
String host