比如http://serverIp:8051/test/index.html页面需要需要访问本地启动的Server,http://localhost:8089/api/heren-plugin/event,这时会存在跨域的问题,解决方案有jsonp和iframe等,但jsonp只能使用get方法调用,没有post,在大数据传输时get方法显然不适合。最好的办法就是在目标域的项目中写一个Filter,如下:
public class HerenCorsFilter implements Filter {
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
servletResponse.setCharacterEncoding("UTF-8");
HttpServletResponse res = (HttpServletResponse) servletResponse;
res.addHeader("Access-Control-Allow-Origin", "*");
res.addHeader("Allow-Control-Allow-Methods", "POST,GET,OPTIONS");
res.addHeader("Access-Control-Allow-Credentials", "true");
res.addHeader("Access-Control-Allow-Headers", "Content-Type,X-Requested-With");
res.addHeader("Access-Control-Max-Age", "600000");
filterChain.doFilter(servletRequest, res);
}
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
servletResponse.setCharacterEncoding("UTF-8");
HttpServletResponse res = (HttpServletResponse) servletResponse;
res.addHeader("Access-Control-Allow-Origin", "*");
res.addHeader("Allow-Control-Allow-Methods", "POST,GET,OPTIONS");
res.addHeader("Access-Control-Allow-Credentials", "true");
res.addHeader("Access-Control-Allow-Headers", "Content-Type,X-Requested-With");
res.addHeader("Access-Control-Max-Age", "600000");
filterChain.doFilter(servletRequest, res);
}
}
需要注意的是,res.addHeader("Access-Control-Allow-Origin", "*")这行代码必须放在最前面,否则不会生效。
这样,我们可以和普通请求一样,使用get和post。
我在之前的一篇博客中介绍了jsonp的使用 http://xunmengsj.iteye.com/blog/1881008