http://blog.csdn.net/hfahe/article/details/7730944
http://yuguo.us/weblog/access-control-allow-origin/
response.setHeader("Access-Control-Allow-Origin", "*");
<filter> <filter-name>CorsFilter</filter-name> <filter-class>org.apache.catalina.filters.CorsFilter</filter-class> </filter> <filter-mapping> <filter-name>CorsFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>