import org.apache.http.client.methods.HttpOptions; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import java.io.IOException; import java.util.Arrays; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class CrosFilter implements Filter { private static final Logger log = LoggerFactory.getLogger(CrosFilter.class); public static final String[] ALLOW_DOMAIN = { "https://h5.x.com","http://h5.x.com" }; @Override public void init(FilterConfig filterConfig) throws ServletException { } @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest req = (HttpServletRequest) request; HttpServletResponse res = (HttpServletResponse) response; log.info("request url:"+req.getRequestURL()); String origin = req.getHeader("Origin"); log.info("###过滤器开启请求域名为:" + origin + " path:" + req.getServletPath()); if (Arrays.asList(ALLOW_DOMAIN).contains(origin)) { log.info("set header :" + origin); res.setHeader("Access-Control-Allow-Origin", origin); res.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE"); res.setHeader("Access-Control-Max-Age", "3600"); res.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, Referer, User-Agent, Authorization, X-Auth-Token"); res.setHeader("Access-Control-Allow-Credentials", "true"); res.setHeader("Set-Cookie", "HttpOnly;Secure;SameSite=None"); } log.info("request.getMethod():" + req.getMethod()); if (HttpOptions.METHOD_NAME.equals(req.getMethod())) { res.setStatus(HttpServletResponse.SC_OK); } else { chain.doFilter(request, response); } } @Override public void destroy() { } }
<filter> <filter-name>crossFilter</filter-name> <filter-class>com.wlogin.filter.CrosFilter</filter-class> </filter> <filter-mapping> <filter-name>crossFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>