Java 在不增加服务端跨源代码的情况下，如何解决跨源问题？_Java_Php_Angular_Laravel_Api

Java 在不增加服务端跨源代码的情况下，如何解决跨源问题？

java php angular laravel api

Java 在不增加服务端跨源代码的情况下，如何解决跨源问题？,java,php,angular,laravel,api,Java,Php,Angular,Laravel,Api,无需在服务端语言上添加跨源代码。可以通过JavaAPI或Laravel（PHP）解决跨源问题不需要添加下面的代码对于Java: public class CORSFilter extends OncePerRequestFilter { private static final Log LOG = LogFactory.getLog(CORSFilter.class); @Override protected void doFilterInternal(HttpSe

无需在服务端语言上添加跨源代码。可以通过JavaAPI或Laravel（PHP）解决跨源问题

不需要添加下面的代码

对于Java:

public class CORSFilter extends OncePerRequestFilter {
    private static final Log LOG = LogFactory.getLog(CORSFilter.class);

    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {

        response.addHeader("Access-Control-Allow-Origin", "*");
        if (request.getHeader("Access-Control-Request-Method") != null && "OPTIONS".equals(request.getMethod())) {
            LOG.trace("Sending Header....");
            // CORS "pre-flight" request
            response.addHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE");
            // response.addHeader("Access-Control-Allow-Headers", "Authorization");
            response.addHeader("Access-Control-Allow-Headers", "Content-Type");
            response.addHeader("Access-Control-Max-Age", "1");
        }
        filterChain.doFilter(request, response);
    }

}

namespace App\Http\Middleware;

use Closure;
class Cors
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        return $next($request)
            ->header('Access-Control-Allow-Origin', '*')
            ->header('Access-Control-Allow-Methods', 'GET, POST, PATCH, PUT, DELETE');
    }
}

对于Laravel:

public class CORSFilter extends OncePerRequestFilter {
    private static final Log LOG = LogFactory.getLog(CORSFilter.class);

    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {

        response.addHeader("Access-Control-Allow-Origin", "*");
        if (request.getHeader("Access-Control-Request-Method") != null && "OPTIONS".equals(request.getMethod())) {
            LOG.trace("Sending Header....");
            // CORS "pre-flight" request
            response.addHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE");
            // response.addHeader("Access-Control-Allow-Headers", "Authorization");
            response.addHeader("Access-Control-Allow-Headers", "Content-Type");
            response.addHeader("Access-Control-Max-Age", "1");
        }
        filterChain.doFilter(request, response);
    }

}

namespace App\Http\Middleware;

use Closure;
class Cors
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        return $next($request)
            ->header('Access-Control-Allow-Origin', '*')
            ->header('Access-Control-Allow-Methods', 'GET, POST, PATCH, PUT, DELETE');
    }
}

来自CORS

当web应用程序请求的资源的来源（域、协议和端口）与其自己的来源不同时，会执行跨来源HTTP请求

因此，如果您真的不想在API服务器上设置CORS头，您需要确保API服务器具有与您的网站相同的协议、主机和域

否则，如果只是出于开发/测试目的，您可以尝试使用angular的

意味着我们需要在同一服务器上托管这两个代码，对吗@DavidIt需要是相同的协议、域和端口。因此，只要您有合适的基础设施（例如负载平衡器），API和前端代码就不需要在同一台服务器上。