xwiki REST ajax 调用错误
xwiki REST ajax call error
大家好,我在我的本地主机上有一个 xwiki 的实例,出于测试目的,我想通过编写一些简单的 jquery 脚本来测试 RESTful api:
<script type="text/javascript">
var username = "Admin";
var password ="admin";
function make_base_auth(user, password)
{
var tok = user + ':' + password;
var hash = btoa(tok);
alert(hash);
return "Basic " + hash;
}
var url = "http://localhost:8080/xwiki/rest/wikis/query?q=object:XWiki.XWikiUsers";
var returnData = "";
$.ajax({
type: "GET",
dataType: "xml",
crossDomain: true,
async: true,
url: url,
headers: {"authorization": make_base_auth(username, password), "Access-Control-Allow-Origin": "*" },
error: function(request, status, error)
{
alert(error)
},
success: function(data)
{
alert("success");
}
});
</script>
我得到的错误是:
XMLHttpRequest cannot load
http://localhost:8080/xwiki/rest/wikis/query?q=object:XWiki.XWikiUsers.
Response to preflight request doesn't pass access control check: No
'Access-Control-Allow-Origin' header is present on the requested
resource. Origin 'null' is therefore not allowed access.
但是尝试使用邮递员我得到了正确的结果...我遗漏了什么?
谢谢
在默认配置下,XWiki 不允许 CORS;您需要在 web.xml
中启用它
要允许使用 authentication header 发送身份验证数据,请编辑文件 web.xml 并在包含过滤器的部分中添加一个新过滤器:
<filter>
<filter-name>Set CORS headers very lenitent</filter-name>
<filter-class>org.xwiki.container.servlet.filters.internal.SetHTTPHeaderFilter</filter-class>
<init-param>
<param-name>name</param-name>
<param-value>Access-Control-Allow-Headers</param-value>
</init-param>
<init-param>
<param-name>value</param-name>
<param-value>authorization</param-value>
</init-param>
</filter>
现在您需要激活过滤器;在 filter-mapping 中再往下添加您自己的:
<filter-mapping>
<filter-name>Set CORS headers very lenitent</filter-name>
<servlet-name>RestletServlet</servlet-name>
</filter-mapping>
(是的,如果您不喜欢过滤器名称,请使用不同的名称,只需在两个地方使用相同的名称即可。)
正如您在评论中指出的那样,允许多个 HTTP headers 的工作方式如下:
<filter>
<filter-name>Set CORS headers very lenitent</filter-name>
<filter-class>org.xwiki.container.servlet.filters.internal.SetHTTPHeaderFilter</filter-class>
<init-param>
<param-name>name</param-name>
<param-value>Access-Control-Allow-Headers</param-value>
</init-param>
<init-param>
<param-name>value</param-name>
<param-value>authorization, content-type</param-value>
</init-param>
</filter>
(在这种情况下允许 authorization header 和 "non-standard" Content-Type header)(旁注:headers是 case-nsensitive: Are HTTP headers case-sensitive?)
此外,您还需要为 REST-request 一般允许 CORS;对于此搜索:
<!-- We set the CORS policy globally for webjars.
... longer comment ....
-->
<filter-mapping>
<filter-name>Set CORS policy for fonts</filter-name>
<servlet-name>resourceReferenceHandler</servlet-name>
<url-pattern>/webjars/*</url-pattern>
<url-pattern>*.woff</url-pattern>
<url-pattern>*.eot</url-pattern>
<url-pattern>*.ttf</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
编辑 filter-mapping 并添加一行 <servlet-name>RestletServlet</servlet-name> 来为其余 servlet 激活此过滤器:
<filter-mapping>
<filter-name>Set CORS policy for fonts</filter-name>
<servlet-name>resourceReferenceHandler</servlet-name>
<servlet-name>RestletServlet</servlet-name>
<url-pattern>/webjars/*</url-pattern>
[...]
重新启动 servlet 容器后,AJAX 请求现在应该可以工作了。
您可以修改 web.xml 文件以启用 cors(我使用的是码头服务器)。
我添加了下面提到的过滤器。
<filter>
<filter-name>cross-origin</filter-name>
<filter-class>org.eclipse.jetty.servlets.CrossOriginFilter</filter-class>
<init-param>
<param-name>allowedOrigins</param-name>
<param-value>*</param-value>
</init-param>
<init-param>
<param-name>allowedMethods</param-name>
<param-value>GET,POST,DELETE,PUT,HEAD</param-value>
</init-param>
<init-param>
<param-name>allowedHeaders</param-name>
<param-value>origin, content-type, accept, authorization</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>cross-origin</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
然后您需要从 here
下载并添加 jetty servlet jar
把这个jar放到lib文件夹里,然后重启你的服务器,jetty服务器的cors就启用了。
大家好,我在我的本地主机上有一个 xwiki 的实例,出于测试目的,我想通过编写一些简单的 jquery 脚本来测试 RESTful api:
<script type="text/javascript">
var username = "Admin";
var password ="admin";
function make_base_auth(user, password)
{
var tok = user + ':' + password;
var hash = btoa(tok);
alert(hash);
return "Basic " + hash;
}
var url = "http://localhost:8080/xwiki/rest/wikis/query?q=object:XWiki.XWikiUsers";
var returnData = "";
$.ajax({
type: "GET",
dataType: "xml",
crossDomain: true,
async: true,
url: url,
headers: {"authorization": make_base_auth(username, password), "Access-Control-Allow-Origin": "*" },
error: function(request, status, error)
{
alert(error)
},
success: function(data)
{
alert("success");
}
});
</script>
我得到的错误是:
XMLHttpRequest cannot load http://localhost:8080/xwiki/rest/wikis/query?q=object:XWiki.XWikiUsers. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access.
但是尝试使用邮递员我得到了正确的结果...我遗漏了什么? 谢谢
在默认配置下,XWiki 不允许 CORS;您需要在 web.xml
要允许使用 authentication header 发送身份验证数据,请编辑文件 web.xml 并在包含过滤器的部分中添加一个新过滤器:
<filter>
<filter-name>Set CORS headers very lenitent</filter-name>
<filter-class>org.xwiki.container.servlet.filters.internal.SetHTTPHeaderFilter</filter-class>
<init-param>
<param-name>name</param-name>
<param-value>Access-Control-Allow-Headers</param-value>
</init-param>
<init-param>
<param-name>value</param-name>
<param-value>authorization</param-value>
</init-param>
</filter>
现在您需要激活过滤器;在 filter-mapping 中再往下添加您自己的:
<filter-mapping>
<filter-name>Set CORS headers very lenitent</filter-name>
<servlet-name>RestletServlet</servlet-name>
</filter-mapping>
(是的,如果您不喜欢过滤器名称,请使用不同的名称,只需在两个地方使用相同的名称即可。)
正如您在评论中指出的那样,允许多个 HTTP headers 的工作方式如下:
<filter>
<filter-name>Set CORS headers very lenitent</filter-name>
<filter-class>org.xwiki.container.servlet.filters.internal.SetHTTPHeaderFilter</filter-class>
<init-param>
<param-name>name</param-name>
<param-value>Access-Control-Allow-Headers</param-value>
</init-param>
<init-param>
<param-name>value</param-name>
<param-value>authorization, content-type</param-value>
</init-param>
</filter>
(在这种情况下允许 authorization header 和 "non-standard" Content-Type header)(旁注:headers是 case-nsensitive: Are HTTP headers case-sensitive?)
此外,您还需要为 REST-request 一般允许 CORS;对于此搜索:
<!-- We set the CORS policy globally for webjars.
... longer comment ....
-->
<filter-mapping>
<filter-name>Set CORS policy for fonts</filter-name>
<servlet-name>resourceReferenceHandler</servlet-name>
<url-pattern>/webjars/*</url-pattern>
<url-pattern>*.woff</url-pattern>
<url-pattern>*.eot</url-pattern>
<url-pattern>*.ttf</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
编辑 filter-mapping 并添加一行 <servlet-name>RestletServlet</servlet-name> 来为其余 servlet 激活此过滤器:
<filter-mapping>
<filter-name>Set CORS policy for fonts</filter-name>
<servlet-name>resourceReferenceHandler</servlet-name>
<servlet-name>RestletServlet</servlet-name>
<url-pattern>/webjars/*</url-pattern>
[...]
重新启动 servlet 容器后,AJAX 请求现在应该可以工作了。
您可以修改 web.xml 文件以启用 cors(我使用的是码头服务器)。 我添加了下面提到的过滤器。
<filter>
<filter-name>cross-origin</filter-name>
<filter-class>org.eclipse.jetty.servlets.CrossOriginFilter</filter-class>
<init-param>
<param-name>allowedOrigins</param-name>
<param-value>*</param-value>
</init-param>
<init-param>
<param-name>allowedMethods</param-name>
<param-value>GET,POST,DELETE,PUT,HEAD</param-value>
</init-param>
<init-param>
<param-name>allowedHeaders</param-name>
<param-value>origin, content-type, accept, authorization</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>cross-origin</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
然后您需要从 here
下载并添加 jetty servlet jar把这个jar放到lib文件夹里,然后重启你的服务器,jetty服务器的cors就启用了。