如何配置 Lagom 框架以使用 CORS?
How can I configure Lagom framework to work with CORS?
如何配置 Lagom 框架以处理 CORS 请求(方法请求 'options')。
要允许用 Java 编写的 Lagom 服务与 CORS 一起工作,您需要为每个 Play 实现一个 CORS 过滤器:
package example.service.impl
import play.filters.cors.CORSFilter;
import play.http.DefaultHttpFilters;
import javax.inject.Inject;
// See https://playframework.com/documentation/2.5.x/CorsFilter
public class MyCORSFilter extends DefaultHttpFilters {
@Inject
public MyCORSFilter(CORSFilter corsFilter) {
super(corsFilter);
}
}
然后在您的 application.conf 中,您需要添加过滤器:
play.http.filters = "example.service.impl.MyCORSFilter"
// To properly setup the CORSFilter, please refer to https://playframework.com/documentation/2.5.x/CorsFilter
// This example is only meant to show what's required for Lagom to use CORS.
play.filters.cors {
// review the values of all these settings to fulfill your needs. These values are not meant for production.
pathPrefixes = ["/api"]
allowedOrigins = null
allowedHttpMethods = null
allowedHttpHeaders = null
exposedHeaders = []
supportsCredentials = false
preflightMaxAge = 6 hour
}
有关详细信息,请参阅 example CORS service and the Play docs。
我已经通过这种方式为我的一个项目在 lagom 中启用了 CORS。
在服务 class 中定义一个方法来处理 OPTIONS 调用。
ServiceCall<NotUsed, Done> options();
实现service-implclass中的方法。
@Override
public ServiceCall<NotUsed, Done> options() {
return request -> CompletableFuture.completedFuture(Done.getInstance());
}
在描述符中定义选项调用。例如,假设实际调用是
GET /api/v0.1/user
服务描述符应如下所示:
@Override
default Descriptor descriptor() {
// @formatter:off
return named("notification").withCalls(
restCall(Method.GET, "/api/v0.1/user", this::getUser),
restCall(Method.OPTIONS, "/api/v0.1/user", this::options)
).withAutoAcl(true).withHeaderFilter(new CORSHeaderFilter());
// @formatter:on
}
请注意,它有一个 header 过滤器,使用
.withHeaderFilter(new CORSHeaderFilter())
CORSHeaderFilter Class 应该是这样的。
import com.lightbend.lagom.javadsl.api.transport.HeaderFilter;
import com.lightbend.lagom.javadsl.api.transport.Method;
import com.lightbend.lagom.javadsl.api.transport.RequestHeader;
import com.lightbend.lagom.javadsl.api.transport.ResponseHeader;
public class CORSHeaderFilter implements HeaderFilter {
@Override
public RequestHeader transformClientRequest(RequestHeader request) {
return request;
}
@Override
public RequestHeader transformServerRequest(RequestHeader request) {
return request;
}
@Override
public ResponseHeader transformServerResponse(ResponseHeader response, RequestHeader request) {
ResponseHeader modifiedResponse = response.withHeader("Access-Control-Allow-Origin", "*");
if (Method.OPTIONS.equals(request.method())) {
modifiedResponse = modifiedResponse.withStatus(204).withHeader("Access-Control-Allow-Headers",
"Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With" +
",If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range").
withHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS, PATCH").
withHeader("Access-Control-Max-Age", "1728000");
}
return modifiedResponse;
}
@Override
public ResponseHeader transformClientResponse(ResponseHeader response, RequestHeader request) {
ResponseHeader modifiedResponse = response.withHeader("Access-Control-Allow-Origin", "*");
if (Method.OPTIONS.equals(request.method())) {
modifiedResponse = modifiedResponse.withStatus(204).withHeader("Access-Control-Allow-Headers",
"Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With" +
",If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range").
withHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS, PATCH").
withHeader("Access-Control-Max-Age", "1728000");
}
return modifiedResponse;
}
}
无论何时添加新端点,请务必同时添加它的 OPTIONS 版本。
如何配置 Lagom 框架以处理 CORS 请求(方法请求 'options')。
要允许用 Java 编写的 Lagom 服务与 CORS 一起工作,您需要为每个 Play 实现一个 CORS 过滤器:
package example.service.impl
import play.filters.cors.CORSFilter;
import play.http.DefaultHttpFilters;
import javax.inject.Inject;
// See https://playframework.com/documentation/2.5.x/CorsFilter
public class MyCORSFilter extends DefaultHttpFilters {
@Inject
public MyCORSFilter(CORSFilter corsFilter) {
super(corsFilter);
}
}
然后在您的 application.conf 中,您需要添加过滤器:
play.http.filters = "example.service.impl.MyCORSFilter"
// To properly setup the CORSFilter, please refer to https://playframework.com/documentation/2.5.x/CorsFilter
// This example is only meant to show what's required for Lagom to use CORS.
play.filters.cors {
// review the values of all these settings to fulfill your needs. These values are not meant for production.
pathPrefixes = ["/api"]
allowedOrigins = null
allowedHttpMethods = null
allowedHttpHeaders = null
exposedHeaders = []
supportsCredentials = false
preflightMaxAge = 6 hour
}
有关详细信息,请参阅 example CORS service and the Play docs。
我已经通过这种方式为我的一个项目在 lagom 中启用了 CORS。
在服务 class 中定义一个方法来处理 OPTIONS 调用。
ServiceCall<NotUsed, Done> options();
实现service-implclass中的方法。
@Override
public ServiceCall<NotUsed, Done> options() {
return request -> CompletableFuture.completedFuture(Done.getInstance());
}
在描述符中定义选项调用。例如,假设实际调用是
GET /api/v0.1/user
服务描述符应如下所示:
@Override
default Descriptor descriptor() {
// @formatter:off
return named("notification").withCalls(
restCall(Method.GET, "/api/v0.1/user", this::getUser),
restCall(Method.OPTIONS, "/api/v0.1/user", this::options)
).withAutoAcl(true).withHeaderFilter(new CORSHeaderFilter());
// @formatter:on
}
请注意,它有一个 header 过滤器,使用
.withHeaderFilter(new CORSHeaderFilter())
CORSHeaderFilter Class 应该是这样的。
import com.lightbend.lagom.javadsl.api.transport.HeaderFilter;
import com.lightbend.lagom.javadsl.api.transport.Method;
import com.lightbend.lagom.javadsl.api.transport.RequestHeader;
import com.lightbend.lagom.javadsl.api.transport.ResponseHeader;
public class CORSHeaderFilter implements HeaderFilter {
@Override
public RequestHeader transformClientRequest(RequestHeader request) {
return request;
}
@Override
public RequestHeader transformServerRequest(RequestHeader request) {
return request;
}
@Override
public ResponseHeader transformServerResponse(ResponseHeader response, RequestHeader request) {
ResponseHeader modifiedResponse = response.withHeader("Access-Control-Allow-Origin", "*");
if (Method.OPTIONS.equals(request.method())) {
modifiedResponse = modifiedResponse.withStatus(204).withHeader("Access-Control-Allow-Headers",
"Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With" +
",If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range").
withHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS, PATCH").
withHeader("Access-Control-Max-Age", "1728000");
}
return modifiedResponse;
}
@Override
public ResponseHeader transformClientResponse(ResponseHeader response, RequestHeader request) {
ResponseHeader modifiedResponse = response.withHeader("Access-Control-Allow-Origin", "*");
if (Method.OPTIONS.equals(request.method())) {
modifiedResponse = modifiedResponse.withStatus(204).withHeader("Access-Control-Allow-Headers",
"Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With" +
",If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range").
withHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS, PATCH").
withHeader("Access-Control-Max-Age", "1728000");
}
return modifiedResponse;
}
}
无论何时添加新端点,请务必同时添加它的 OPTIONS 版本。