CORS filter for Java applications
http://padcom13.blogspot.com/2011/09/cors-filter-for-java-applications.html
http://stackoverflow.com/questions/5027705/error-in-chrome-content-type-is-not-allowed-by-access-control-allow-headers
Hi there, in today's installment we're going to allow Ajax calls from other domains to be answered and accepted by browsers.
The what This thing (completely forgotten by many) is called Cross Origin Resource Sharing and works with standard Ajax requests your browser can send. You can read about it in depth on Wikipedia or on the http://enable-cors.org/ site.
The how Let's get to the meat - shall we? On the http://enable-cors.org/ site there are many recipes for all kind of servers and they respective configuration but what if you'd like to enable CORS just for a part of your application? If you're lucky enough and you're coding your application in Java then there is a standard mechanism to do just that! It's called filters. Here's the most simple way of implementing CORS response headers:
import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
public class CORSFilter implements Filter {
public CORSFilter() { }
public void init(FilterConfig fConfig) throws ServletException { }
public void destroy() { }
public void doFilter(
ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
((HttpServletResponse)response).addHeader(
"Access-Control-Allow-Origin", "*"
);
((HttpServletResponse)response).addHeader(
"Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept"
);
chain.doFilter(request, response);
}
}
As you can see here all we're doing is adding the Access-Control-Allow-Origin header so that the browser can accept the response sent by server.
You can use this filter as follows in your web.xml:
<web-app>
<filter>
<filter-name>CORSFilter</filter-name>
<filter-class>CORSFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CORSFilter</filter-name>
<url-pattern>/api/*</url-pattern>
</filter-mapping>
</web-app>
Have fun!
Posted by Matthias Hryniszak at 6:55 PM
Labels: cors, java
相關文章
- Applications1APP
- Graph Theory with ApplicationsGraph TheoryAPP
- HMAC: Introduction, History, and ApplicationsMacAPP
- 2.3.6.2 Synchronization of Multiple ApplicationsAPP
- 2.3.3.3.2 Applications at Different VersionsAPP
- LLM multiple modal applicationsAPP
- Deploying LLM Applications with LangServeAPPGse
- CORSCORS
- CORS原理及@koa/cors原始碼解析CORS原始碼
- Java中stream流的filter機制理解JavaFilter
- Java安全之Filter許可權繞過JavaFilter
- EBIS4043 Big Data Analysis and ApplicationsAPP
- java8 多條件的filter過濾JavaFilter
- 跨域CORS跨域CORS
- [譯] 理解 CORSCORS
- CORS跨域CORS跨域
- 跨域 Cors error跨域CORSError
- 跨域之CORS跨域CORS
- 如何設定 CORSCORS
- CORS/JSONP比較CORSJSON
- JavaScript filter()JavaScriptFilter
- Logcat filterGCFilter
- gateway filterGatewayFilter
- Filter管道Filter
- TKDE 2017:A Comprehensive Survey of Graph Embedding: Problems, Techniques and ApplicationsAPP
- 說說CORS與jsonpCORSJSON
- ajax、axios、fetch、jsonp、corsiOSJSONCORS
- Canvas errors & CORS All In OneCanvasErrorCORS
- NGINX 反向程式碼 CORSNginxCORS
- CORS跨域請求CORS跨域
- JavaScript-CORS 跨域JavaScriptCORS跨域
- 前端CORS請求梳理前端CORS
- CORS 一把梭CORS
- Netty series: handling CORS in nettyNettyCORS
- Java安全之基於Tomcat的Filter型記憶體馬JavaTomcatFilter記憶體
- Nanotechnology Applications in the Food Industry.epub 免費下載NaNAPP
- 【論文筆記】A review of applications in federated learning(綜述)筆記ViewAPP
- fuzzing XSS filterFilter
- filter過濾Filter