Origin is not allowed by Access-Control-Allow-Origin 无解
Origin is not allowed by Access-Control-Allow-Origin without solution
10 多天以来,我一直在尝试解决以下问题。我在没有解决方案的情况下红色了该站点的所有指南和页面。
我在 java 中使用 Jersey 库开发了一个 REST Web 服务器。服务的结果是 JSON 格式。在我的服务器中,我添加了 CORS 过滤器
服务器
package server;
import java.io.IOException;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerResponseContext;
import javax.ws.rs.container.ContainerResponseFilter;
public class CORSFilter implements ContainerResponseFilter {
@Override
public void filter(final ContainerRequestContext requestContext,
final ContainerResponseContext cres) throws IOException {
cres.getHeaders().add("Access-Control-Allow-Origin", "*");
cres.getHeaders().add("Access-Control-Allow-Headers", "origin, content-type, accept, authorization");
cres.getHeaders().add("Access-Control-Allow-Credentials", "true");
cres.getHeaders().add("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS, HEAD");
cres.getHeaders().add("Access-Control-Max-Age", "1209600");
}
}
而 web.xml 是:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd" version="3.1">
<display-name>conferenceServer</display-name>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.htm</welcome-file>
<welcome-file>index.jsp</welcome-file>
<welcome-file>default.html</welcome-file>
<welcome-file>default.htm</welcome-file>
<welcome-file>default.jsp</welcome-file>
</welcome-file-list>
<servlet>
<servlet-name>Jersey REST Service</servlet-name>
<servlet- class>org.glassfish.jersey.servlet.ServletContainer</servlet-class>
<init-param>
<param-name>jersey.config.server.provider.packages</param-name>
<param-value>server</param-value>
</init-param>
<init-param>
<param- name>javax.ws.rs.container.ContainerResponseFilter</param-name>
<param-value>server.CORSFilter</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Jersey REST Service</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
</web-app>
响应的 JSON 格式化程序有效,但是当我在我的应用程序中调用该服务时,我收到此消息错误:
[Error] Failed to load resource: Origin http://localhost:8100 is not allowed by Access-Control-Allow-Origin. (all, line 0)
[Error] XMLHttpRequest cannot load http://****/myServer/service. Origin http://localhost:8100 is not allowed by Access-Control-Allow-Origin.
您认为问题出在哪里?
我认为这不能用作参数名称
<param-name>javax.ws.rs.container.ContainerResponseFilter</param-name>
您可以做两件事来确保过滤器已注册:
在过滤器 class 之上添加 @Provider。初始化参数
jersey.config.server.provider.packages
将确保从包裹扫描中提取并注册。
使用初始化参数...classnames注册过滤器
<init-param>
<param-name>jersey.config.server.provider.classnames</param-name>
<param-value>server.CORSFilter</param-value>
</init-param>
10 多天以来,我一直在尝试解决以下问题。我在没有解决方案的情况下红色了该站点的所有指南和页面。 我在 java 中使用 Jersey 库开发了一个 REST Web 服务器。服务的结果是 JSON 格式。在我的服务器中,我添加了 CORS 过滤器
服务器
package server;
import java.io.IOException;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerResponseContext;
import javax.ws.rs.container.ContainerResponseFilter;
public class CORSFilter implements ContainerResponseFilter {
@Override
public void filter(final ContainerRequestContext requestContext,
final ContainerResponseContext cres) throws IOException {
cres.getHeaders().add("Access-Control-Allow-Origin", "*");
cres.getHeaders().add("Access-Control-Allow-Headers", "origin, content-type, accept, authorization");
cres.getHeaders().add("Access-Control-Allow-Credentials", "true");
cres.getHeaders().add("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS, HEAD");
cres.getHeaders().add("Access-Control-Max-Age", "1209600");
}
}
而 web.xml 是:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd" version="3.1">
<display-name>conferenceServer</display-name>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.htm</welcome-file>
<welcome-file>index.jsp</welcome-file>
<welcome-file>default.html</welcome-file>
<welcome-file>default.htm</welcome-file>
<welcome-file>default.jsp</welcome-file>
</welcome-file-list>
<servlet>
<servlet-name>Jersey REST Service</servlet-name>
<servlet- class>org.glassfish.jersey.servlet.ServletContainer</servlet-class>
<init-param>
<param-name>jersey.config.server.provider.packages</param-name>
<param-value>server</param-value>
</init-param>
<init-param>
<param- name>javax.ws.rs.container.ContainerResponseFilter</param-name>
<param-value>server.CORSFilter</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Jersey REST Service</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
</web-app>
响应的 JSON 格式化程序有效,但是当我在我的应用程序中调用该服务时,我收到此消息错误:
[Error] Failed to load resource: Origin http://localhost:8100 is not allowed by Access-Control-Allow-Origin. (all, line 0)
[Error] XMLHttpRequest cannot load http://****/myServer/service. Origin http://localhost:8100 is not allowed by Access-Control-Allow-Origin.
您认为问题出在哪里?
我认为这不能用作参数名称
<param-name>javax.ws.rs.container.ContainerResponseFilter</param-name>
您可以做两件事来确保过滤器已注册:
在过滤器 class 之上添加
@Provider。初始化参数jersey.config.server.provider.packages将确保从包裹扫描中提取并注册。
使用初始化参数
...classnames注册过滤器<init-param> <param-name>jersey.config.server.provider.classnames</param-name> <param-value>server.CORSFilter</param-value> </init-param>