参考文档:https://howtodoinjava.com/servlets/java-cors-filter-example/
import org.springframework.stereotype.Component;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
/**
* @Author : YingZhang
* @Description:
* @Date : Create in 10:45 AM 11/1/2018
*/
@Component
@WebFilter(urlPatterns = "/*")
public class JavaCORS implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletResponse response = (HttpServletResponse) servletResponse;
HttpServletRequest request = (HttpServletRequest) servletRequest;
response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Credentials", "true");
response.setHeader("Access-Control-Allow-Methods","GET, OPTIONS, HEAD, PUT, POST");
if (request.getMethod().equals("OPTIONS")) {
response.setStatus(HttpServletResponse.SC_ACCEPTED);
}
filterChain.doFilter(servletRequest, servletResponse);
}
@Override
public void destroy() {
}
}
Spring 里对于CORS:
https://howtodoinjava.com/spring5/webmvc/spring-mvc-cors-configuration/
在浏览器上打开一个网站(非https的网站),F12后在console里输入
(function loadXMLDoc() {
var xmlhttp;
xmlhttp = new XMLHttpRequest();
xmlhttp.onreadystatecatechange = function() {
}
xmlhttp.open("GET", "http://1.11.111.23:6088/event/list", true);
xmlhttp.withCredentials = true;
xmlhttp.send();
})()