CORS filter for Java applications
http://padcom13.blogspot.com/2011/09/cors-filter-for-java-applications.html
http://stackoverflow.com/questions/5027705/error-in-chrome-content-type-is-not-allowed-by-access-control-allow-headers
Hi there, in today's installment we're going to allow Ajax calls from other domains to be answered and accepted by browsers.
The what This thing (completely forgotten by many) is called Cross Origin Resource Sharing and works with standard Ajax requests your browser can send. You can read about it in depth on Wikipedia or on the http://enable-cors.org/ site.
The how Let's get to the meat - shall we? On the http://enable-cors.org/ site there are many recipes for all kind of servers and they respective configuration but what if you'd like to enable CORS just for a part of your application? If you're lucky enough and you're coding your application in Java then there is a standard mechanism to do just that! It's called filters. Here's the most simple way of implementing CORS response headers:
import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
public class CORSFilter implements Filter {
public CORSFilter() { }
public void init(FilterConfig fConfig) throws ServletException { }
public void destroy() { }
public void doFilter(
ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
((HttpServletResponse)response).addHeader(
"Access-Control-Allow-Origin", "*"
);
((HttpServletResponse)response).addHeader(
"Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept"
);
chain.doFilter(request, response);
}
}
As you can see here all we're doing is adding the Access-Control-Allow-Origin header so that the browser can accept the response sent by server.
You can use this filter as follows in your web.xml:
<web-app>
<filter>
<filter-name>CORSFilter</filter-name>
<filter-class>CORSFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CORSFilter</filter-name>
<url-pattern>/api/*</url-pattern>
</filter-mapping>
</web-app>
Have fun!
Posted by Matthias Hryniszak at 6:55 PM
Labels: cors, java
相關文章
- Java 8 Streams filterJavaFilter
- Java Filter過濾器JavaFilter過濾器
- bloom filter 的Java 版OOMFilterJava
- java中filter的用法JavaFilter
- CORSCORS
- Multicore processing for client-side Java applicationsclientIDEJavaAPP
- CORS原理及@koa/cors原始碼解析CORS原始碼
- java.lang.ClassNotFoundException:javax.servlet.FilterJavaExceptionServletFilter
- HOW TO INTEGRATE APPLICATIONS RELEASE 11 WITH CUSTOM APPLICATIONSAPP
- Applications 5APP
- 跨域CORS跨域CORS
- CORS跨域CORS跨域
- [譯] 理解 CORSCORS
- Java安全之Filter許可權繞過JavaFilter
- Java 中的 Filter 過濾器詳解JavaFilter過濾器
- 【BO-SDK】SSO InfoView_1 (BOE SDK Java Applications @_2)ViewJavaAPP
- Applications1APP
- Dependencies of Applications (256)APP
- Graph Theory with ApplicationsGraph TheoryAPP
- 【Java基礎】--filter過濾器原理解析JavaFilter過濾器
- 跨域之CORS跨域CORS
- 跨域 Cors error跨域CORSError
- [CORS:跨域資源共享] W3C的CORS SpecificationCORS跨域
- 2.3.6.2 Synchronization of Multiple ApplicationsAPP
- 2.3.3.3.2 Applications at Different VersionsAPP
- Oracle Applications Interface ProgramsOracleAPP
- Java Servlet (1) —— Filter過濾請求與響應JavaServletFilter
- 布隆過濾器(Bloom Filter)的java實現過濾器OOMFilterJava
- java實現Hbase中的查詢(一)Filter方式JavaFilter
- JavaScript-CORS 跨域JavaScriptCORS跨域
- CORS跨域請求CORS跨域
- CORS/JSONP比較CORSJSON
- 前端CORS請求梳理前端CORS
- NGINX 反向程式碼 CORSNginxCORS
- Canvas errors & CORS All In OneCanvasErrorCORS
- JavaScript filter()JavaScriptFilter
- Listener & FilterFilter
- jQuery filter()jQueryFilter