Javascript CORS不适用于铬合金中的Angular 2
我正在使用javascript代码调用部署在weblogic上并使用jaxws在java中开发的soap Web服务。从IE11我得到SOAP的响应,但从chrome我得到以下错误:Javascript CORS不适用于铬合金中的Angular 2,javascript,angular,soap,cors,Javascript,Angular,Soap,Cors,我正在使用javascript代码调用部署在weblogic上并使用jaxws在java中开发的soap Web服务。从IE11我得到SOAP的响应,但从chrome我得到以下错误: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'htt
Response to preflight request doesn't pass access control check:
No 'Access-Control-Allow-Origin' header is present on the requested resource.
Origin 'http://localhost:4200' is therefore not allowed access.
The response had HTTP status code 405.
我在chrome中添加了cors扩展,然后出现以下新错误:
Response for preflight has invalid HTTP status code 405
我还设置了如下请求头:
xhr.setRequestHeader('Content-Type', 'text/xml; charset=utf-8');
xhr.setRequestHeader('Access-Control-Allow-Origin', '*');
xhr.setRequestHeader('Access-Control-Allow-Headers', 'X-Custom-Header');
xhr.setRequestHeader('Access-Control-Allow-Methods', 'GET,POST,OPTIONS,PUT,DELETE');
但仍然没有成功
下面是调用部署在weblogic上的webservices的代码片段
var soapMessage = this.createSOAPMessage();
function createCORSRequest(method, url){
var xhr = new XMLHttpRequest();
if ("withCredentials" in xhr) {
xhr.open(method, url, true);
} else {
xhr = null;
}
return xhr;
}
var xhr = createCORSRequest('POST','http://IPAddress:7001/Path/ServiceImplService?WSDL');
if(!xhr){
console.log('XHR Issue');
return;
}
xhr.setRequestHeader('Content-Type', 'text/xml; charset=utf-8');
xhr.setRequestHeader('Access-Control-Allow-Origin', '*');
xhr.setRequestHeader('Access-Control-Allow-Headers', 'X-Custom-Header');
xhr.setRequestHeader('Access-Control-Allow-Methods', 'GET,POST,OPTIONS,PUT,DELETE');
xhr.send(soapMessage);
var result
xhr.onload = function(){
result = xhr.responseText;
console.log('===Result====> '+result);
}
return result;
在您的服务中创建此类:
@Provider
@PreMatching
public class CorsFilter implements ContainerResponseFilter {
@Override
public void filter(ContainerRequestContext requestCtx, ContainerResponseContext responseCtx) throws IOException {
responseCtx.getHeaders().add("Access-Control-Allow-Headers", "origin, content-type, accept, authorization");
responseCtx.getHeaders().add("Access-Control-Allow-Origin", "*");
responseCtx.getHeaders().add("Access-Control-Allow-Credentials", "true");
responseCtx.getHeaders().add("Access-Control-Allow-Methods", "GET, POST");
}
}
我还将请求头设置如下:
-您不发送这些头,这些头必须为CORS接收。。。CORS由服务器控制,客户端不能告诉服务器,无论您的设置如何,都可以给我您的资源:pSo您的意思是我必须在服务器端处理CORS请求,不是来自我们的javascript?这就是CORS的控制来源。您可能需要指出,访问控制允许标头
也需要访问控制允许来源
,访问控制允许标头
和访问控制允许方法
,除非OP删除这些(无意义)通过使用这个类,我能够解决这个问题,但是这是一个真正的解决方案吗?因为当我无法访问服务时,我如何处理此问题?我对这种方法还不熟悉,所以我只是想了解一下。谢谢你的帮助,这是一个真正的解决方案。