import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
/**处理跨域的过滤器*/
@WebFilter(value = "/*")
public class CrossFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
//Filter.super.init(filterConfig);
}
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain filterChain) throws IOException, ServletException {
HttpServletResponse response = (HttpServletResponse) res;
HttpServletRequest request = (HttpServletRequest)req;
response.setHeader("content-type", "text/html;charset=UTF-8");
response.setCharacterEncoding("UTF-8");
String origin = request.getHeader("Origin"); //获取客户端的请求地址。
response.setHeader("Access-Control-Allow-Origin", origin); //把该地址设置为客户端可与请求的地址
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE, PUT"); //设置接口支持的请求方式
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "token, codekey, x-requested-with, Authorization"); //允许客户端可以使用当前请求头
response.setHeader("Access-Control-Allow-Credentials", "true"); //客户端请求头认证,默认为false, 需要设置为true
String method = request.getMethod();
if(method.equalsIgnoreCase("OPTIONS")){//允许客户端请求验证,如果客户端请求验证通过,返回Success到客户端,通知客户端进行第二次正常访问。
response.getOutputStream().write("Success".getBytes("utf-8"));
}else{
filterChain.doFilter(request, response);
}
}
@Override
public void destroy() {
}
}