错误截图:
以下是我的API类,其中为@OPTIONS方法编写了代码。
@OPTIONS
public Response OptionsFirstRequst(){
return Response.ok()
.header("Access-Control-Allow-Origin", "*")
.header("Access-Control-Allow-Methods", "*")
.header("Access-Control-Allow-Headers", "*").build();
}
我创建了一个名为Response Builder的类,通过该类我为每个请求发送响应。以下是Response Builder类的代码:
public class ResponseBuilder {
public int status;
public HashMap data;
public String error;
public static Response ok(int Status_code, HashMap<String, String> data, String Response_error) {
if (data == null) {
data = new HashMap();
}
ResponseBuilder response = new ResponseBuilder();
response.status = Status_code;
response.data = data;
response.error = Response_error;
return Response.status(Status_code).entity(response)
.header("Access-Control-Allow-Origin", "*")
.header("Access-Control-Allow-Methods", "*")
.header("Access-Control-Allow-Headers", "*").build();
}
public static Response error(int Status_code, HashMap<String, String> data, String Response_error) {
if (data == null) {
data = new HashMap();
}
ResponseBuilder response = new ResponseBuilder();
response.status = Status_code;
response.data = data;
response.error = Response_error;
response.data = new HashMap();
return Response.status(Status_code).entity(response)
.header("Access-Control-Allow-Origin", "*")
.header("Access-Control-Allow-Methods", "*")
.header("Access-Control-Allow-Headers", "*").build();
}
}
我还有一个Request过滤器,用于验证每个请求(登录除外)的令牌。
我能够登录,生成令牌并将其返回给浏览器。但是登录后,如果我单击个人资料。
我得到的响应为200(如浏览器的dev-tools网络所示),但没有得到任何数据/正确的响应。
我收到以下错误。
对预检请求的响应未通过访问控制检查:所请求的资源上不存在“ Access-Control-Allow-Origin”标头。
要检查并添加CORS标头,通常的解决方案是使用javax.ws.rs.container.ContainerResponseFilter
。下面是一个示例,其中在类中配置了允许的来源ApplicationConfig.accessControlAllowedOrigins
:
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerResponseContext;
import javax.ws.rs.container.ContainerResponseFilter;
import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.ext.Provider;
import java.io.IOException;
@Provider
public class ResponseCorsFilter implements ContainerResponseFilter {
@Override
public void filter(ContainerRequestContext requestContext,
ContainerResponseContext responseContext) throws IOException {
MultivaluedMap<String, Object> responseHeaders = responseContext.getHeaders();
String origin = requestContext.getHeaderString("Origin");
if (null != origin &&
(ApplicationConfig.accessControlAllowedOrigins.contains(origin) ||
ApplicationConfig.accessControlAllowedOrigins.contains("*"))) {
responseHeaders.putSingle("Access-Control-Allow-Origin", origin);
responseHeaders.putSingle("Access-Control-Allow-Methods",
"GET, POST, OPTIONS, PUT, DELETE, HEAD");
String reqHead = requestContext.getHeaderString(
"Access-Control-Request-Headers");
if (null != reqHead && !reqHead.equals("")) {
responseHeaders.putSingle("Access-Control-Allow-Headers", reqHead);
}
}
}
}
本文收集自互联网,转载请注明来源。
如有侵权,请联系[email protected] 删除。
我来说两句