我自定义了一个MyCrossOriginFilter.class,并在Access-Control-Allow-Headers 额外添加了允许"token",客户端请求待遇token时有个别接口不支持跨越了,请求不带token就支持。什么原因呢?
public class MyCrossOriginFilter implements ActionFilter {
private static final Log log = Logs.get();
protected String origin;
protected String methods;
protected String headers;
protected String credentials;
public MyCrossOriginFilter() {
this("*", "GET, POST, PUT, DELETE, OPTIONS, PATCH", "Origin, Content-Type, Accept, Authorization, X-Requested-With,token", "true");
}
public MyCrossOriginFilter(String origin, String methods, String headers, String credentials) {
this.origin = origin;
this.methods = methods;
this.headers = headers;
this.credentials = credentials;
}
public View match(ActionContext ac) {
HttpServletResponse resp = ac.getResponse();
if (!Strings.isBlank(this.origin)) {
resp.setHeader("Access-Control-Allow-Origin", this.origin);
}
if (!Strings.isBlank(this.methods)) {
resp.setHeader("Access-Control-Allow-Methods", this.methods);
}
if (!Strings.isBlank(this.headers)) {
resp.setHeader("Access-Control-Allow-Headers", this.headers);
}
if (!Strings.isBlank(this.credentials)) {
resp.setHeader("Access-Control-Allow-Credentials", this.credentials);
}
if ("OPTIONS".equals(ac.getRequest().getMethod())) {
if (log.isDebugEnabled()) {
log.debugf("Feedback -- [%s] [%s] [%s] [%s]", new Object[]{this.origin, this.methods, this.headers, this.credentials});
}
return new VoidView();
}
return null;
}
}
@IocBean(name = "adsHome")
@Filters({ @By(type = MyActionFilter.class, args = {""})})
@At("ads/home")
public class HomeControl extends BaseController {
@At("/campaign/list")
@Ok("json")
@Filters({@By(type = MyCrossOriginFilter.class)})
public ReturnObject campaignList() {
ReturnObject result = new ReturnObject();
return result;
}
}
393
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
