1、需要下载
cors-filter-1.7.jar,java-property-utils-1.9.jar这两个库文件,然后放到tomcat的lib文件夹下;
2、配置tomcat下的web.xml:
<filter>
<filter-name>CORS</filter-name>
<filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class>
<init-param>
<param-name>cors.allowOrigin</param-name>
<param-value>*</param-value>
</init-param>
<init-param>
<param-name>cors.supportedMethods</param-name>
<param-value>GET, POST, HEAD, PUT, DELETE</param-value>
</init-param>
<init-param>
<param-name>cors.supportedHeaders</param-name>
<param-value>Accept, Origin, X-Requested-With, Content-Type, Last-Modified</param-value>
</init-param>
<init-param>
<param-name>cors.exposedHeaders</param-name>
<param-value>Set-Cookie</param-value>
</init-param>
<init-param>
<param-name>cors.supportsCredentials</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CORS</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
3、在程序中需要设置response响应头信息,设置允许的请求头信息:
response.setHeader("Access-Control-Allow-Origin", "http://localhost");
response.setHeader("Access-Control-Allow-Headers", "iv_user,accept,x-test," +
"X-Requested-With, Content-Type, Accept," +
"Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified," +
" Cache-Control, Expires, Content-Type, X-E4M-With");
response.setHeader("Access-Control-Allow-Methods", "POST,GET,OPTIONS");
response.setHeader("Access-Control-Allow-Credentials", "false");
response.setHeader("Content-Type", "*/*");
当然阮一峰老师的这篇博客也不错
CORS 详解的很好
http://www.ruanyifeng.com/blog/2016/04/cors.html
http://blog.csdn.net/u012500848/article/details/51162449