Java 在不增加服务端跨源代码的情况下,如何解决跨源问题?
无需在服务端语言上添加跨源代码。可以通过JavaAPI或Laravel(PHP)解决跨源问题 不需要添加下面的代码 对于Java:Java 在不增加服务端跨源代码的情况下,如何解决跨源问题?,java,php,angular,laravel,api,Java,Php,Angular,Laravel,Api,无需在服务端语言上添加跨源代码。可以通过JavaAPI或Laravel(PHP)解决跨源问题 不需要添加下面的代码 对于Java: public class CORSFilter extends OncePerRequestFilter { private static final Log LOG = LogFactory.getLog(CORSFilter.class); @Override protected void doFilterInternal(HttpSe
public class CORSFilter extends OncePerRequestFilter {
private static final Log LOG = LogFactory.getLog(CORSFilter.class);
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
response.addHeader("Access-Control-Allow-Origin", "*");
if (request.getHeader("Access-Control-Request-Method") != null && "OPTIONS".equals(request.getMethod())) {
LOG.trace("Sending Header....");
// CORS "pre-flight" request
response.addHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE");
// response.addHeader("Access-Control-Allow-Headers", "Authorization");
response.addHeader("Access-Control-Allow-Headers", "Content-Type");
response.addHeader("Access-Control-Max-Age", "1");
}
filterChain.doFilter(request, response);
}
}
namespace App\Http\Middleware;
use Closure;
class Cors
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
return $next($request)
->header('Access-Control-Allow-Origin', '*')
->header('Access-Control-Allow-Methods', 'GET, POST, PATCH, PUT, DELETE');
}
}
对于Laravel:
public class CORSFilter extends OncePerRequestFilter {
private static final Log LOG = LogFactory.getLog(CORSFilter.class);
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
response.addHeader("Access-Control-Allow-Origin", "*");
if (request.getHeader("Access-Control-Request-Method") != null && "OPTIONS".equals(request.getMethod())) {
LOG.trace("Sending Header....");
// CORS "pre-flight" request
response.addHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE");
// response.addHeader("Access-Control-Allow-Headers", "Authorization");
response.addHeader("Access-Control-Allow-Headers", "Content-Type");
response.addHeader("Access-Control-Max-Age", "1");
}
filterChain.doFilter(request, response);
}
}
namespace App\Http\Middleware;
use Closure;
class Cors
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
return $next($request)
->header('Access-Control-Allow-Origin', '*')
->header('Access-Control-Allow-Methods', 'GET, POST, PATCH, PUT, DELETE');
}
}
来自CORS
当web应用程序请求的资源的来源(域、协议和端口)与其自己的来源不同时,会执行跨来源HTTP请求
因此,如果您真的不想在API服务器上设置CORS头,您需要确保API服务器具有与您的网站相同的协议、主机和域
否则,如果只是出于开发/测试目的,您可以尝试使用angular的意味着我们需要在同一服务器上托管这两个代码,对吗@DavidIt需要是相同的协议、域和端口。因此,只要您有合适的基础设施(例如负载平衡器),API和前端代码就不需要在同一台服务器上。