`javax.filter.filter`未正确添加CORS头
我有一个简单的`javax.filter.filter`未正确添加CORS头,java,tomcat,Java,Tomcat,我有一个简单的javax.filter.filter实现,应该将CORS头添加到HttpResponse: log.debug("Headers before adding: {}", response.getHeaderNames()); log.debug("Adding CORS headers to {}", response.getClass().getName()); response.setHeader("Access-Control-Allow-Origi
javax.filter.filter
实现,应该将CORS头添加到HttpResponse
:
log.debug("Headers before adding: {}", response.getHeaderNames());
log.debug("Adding CORS headers to {}", response.getClass().getName());
response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Methods", "GET,POST,PUT,DELETE,OPTIONS");
log.debug("Headers after adding: {}", response.getHeaderNames());
但是,有时头不会出现在响应中(根据接收方和这段日志):
有时他们会:
DEBUG Headers before adding: []
DEBUG Adding CORS headers to org.apache.catalina.connector.ResponseFacade
DEBUG Headers after adding: [Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Headers]
我做错了什么?问题是,如果在设置头之前调用
chain.doFilter(req,res)
,Tomcat/Jetty将开始写入响应,并且无法添加更多头。不幸的是,这两台服务器都不会向您提供错误消息或异常来表明这一点
解决方案:在调用chain.doFilter(req,res)
DEBUG Headers before adding: []
DEBUG Adding CORS headers to org.apache.catalina.connector.ResponseFacade
DEBUG Headers after adding: [Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Headers]