Fatal编程技术网
  • angularjs/
  • Angularjs 向所有请求添加额外的头(到Tomcat)

Angularjs 向所有请求添加额外的头(到Tomcat)

angularjs tomcat

Angularjs 向所有请求添加额外的头(到Tomcat),angularjs,tomcat,http-headers,Angularjs,Tomcat,Http Headers,我有一个Angular应用程序运行在端口3000上。我的Rest服务器正在端口8080上运行 我想为向rest服务器发出的所有请求添加一个额外的头 下面是rest服务器的web.xmlconfig文件: <filter> <filter-name>CorsFilter</filter-name> <filter-class>org.apache.catalina.filters.CorsFilter</filter-clas

我有一个Angular应用程序运行在端口3000上。我的Rest服务器正在端口8080上运行

我想为向rest服务器发出的所有请求添加一个额外的头

下面是rest服务器的
web.xml
config文件:

<filter>

    <filter-name>CorsFilter</filter-name>
    <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>

    <!-- With or without this, it doesn't work -->
    <init-param>
        <param-name>cors.allowed.headers</param-name>
        <param-value>Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers</param-value>
    </init-param>

    <init-param>
        <param-name>cors.allowed.origins</param-name>
        <param-value>http://localhost:3000</param-value>
    </init-param>

    <init-param>
        <param-name>cors.allowed.methods</param-name>
        <param-value>GET,POST,HEAD,OPTIONS,PUT,DELETE</param-value>
    </init-param>

    <init-param>
        <param-name>cors.exposed.headers</param-name>
        <param-value>Location</param-value>
    </init-param>

</filter>
服务器返回403:

# Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:3000' is therefore not allowed access. The response had HTTP status code 403.

当我删除javascript文件中的行时,请求成功完成

HTTP服务器用于检查HTTP头,您正在尝试传递头
x-rest-version
,并且它在您的配置中没有白名单

x-rest-version
添加到
cors.allowed.headers

...
<init-param>
    <param-name>cors.allowed.headers</param-name>
    <param-value>x-rest-version,Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers</param-value>
</init-param>
...

。。。
cors.allowed.headers
x-rest-version、内容类型、x-Requested-With、接受、来源、访问控制请求方法、访问控制请求头
...
我想,飞行前请求(选项)也会出现错误,不是吗?您可能需要将
x-rest-version
添加到
cors.allowed.headers
?哇,太棒了!这很有趣,因为我已经根据tomcat.apache.org/tomcat-7.0-doc/config/filter.html玩过这个参数了,但我从来没有明白我必须把
x-rest-version
放在
param值
节点中。它现在工作了。很高兴能帮上忙,我将发布一个回复,让这个问题得到更多关于错误的细节的回答。 
...
<init-param>
    <param-name>cors.allowed.headers</param-name>
    <param-value>x-rest-version,Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers</param-value>
</init-param>
...