后端
使用过滤器的写法解决跨域问题
public class CorsFilter implements Filter {
private Logger logger = LoggerFactory.getLogger(getClass());
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
logger.info("************************ 跨域过滤器 start ************************");
HttpServletResponse res = (HttpServletResponse) response;
res.setContentType("text/html;charset=UTF-8");
res.setHeader("Access-Control-Allow-Origin", "*");
res.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
res.setHeader("Access-Control-Max-Age", "0");
res.setHeader("Access-Control-Allow-Headers", "Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With,userId,token");
res.setHeader("Access-Control-Allow-Credentials", "true");
res.setHeader("XDomainRequestAllowed","1");
logger.info("************************ 跨域过滤器 end ************************");
chain.doFilter(request, response);
}
@Override
public void destroy() {
}
}
web.xml配置文件
<!-- 跨域过滤器 -->
<filter>
<filter-name>cors</filter-name>
<filter-class>xxx.xxx.CorsFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>cors</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
前端
如果前台和后台服务不在同一域名下,最好通过使用jquery的ajax,而不是$.getJSON()
或$.post()
同时这样也解决了不同域名session
改变的问题
$.ajax({
type: 'POST',
url: getRootPath() + '/web/login',
data: para,
//注意下面两个参数的设置起到了作用
xhrFields: {
withCredentials: true
},
crossDomain:true,
success: function(data) {
},
dataType: 'json'
});