Vue.js 如何在tomcat上运行的Vue应用程序中添加安全标头
我有一个vue应用程序,部署在运行tomcat 9的服务器上。如何向所有页面添加功能策略和CT标题?向响应添加标题的筛选器类Vue.js 如何在tomcat上运行的Vue应用程序中添加安全标头,vue.js,security,tomcat,Vue.js,Security,Tomcat,我有一个vue应用程序,部署在运行tomcat 9的服务器上。如何向所有页面添加功能策略和CT标题?向响应添加标题的筛选器类 import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.S
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;
public class MyCustomHeadersFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
HttpServletResponse httpResp = (HttpServletResponse) response;
HeaderResponseWrapper headerResponseWrapper = new HeaderResponseWrapper(httpResp);
headerResponseWrapper.setHeader("Cache-Control", "no-cache, no-store, must-revalidate"); // HTTP 1.1.
headerResponseWrapper.setHeader("Pragma", "no-cache"); // HTTP 1.0.
headerResponseWrapper.setHeader("Expires", "0"); // Proxies.
chain.doFilter(request, headerResponseWrapper);
}
@Override
public void destroy() {
}
}
HeaderResponseWrapper类
import java.io.*;
import javax.servlet.http.*;
public class HeaderResponseWrapper extends HttpServletResponseWrapper {
private CharArrayWriter writer;
public HeaderResponseWrapper(HttpServletResponse response) {
super(response);
writer = new CharArrayWriter();
}
public PrintWriter getWriter() {
return new PrintWriter(writer);
}
public String toString() {
return writer.toString();
}
}
现在将这个类作为过滤器添加到tomcat的web.xml中,并将其映射到相关URL
<filter>
<filter-name>MyCustomHeadersFilter</filter-name>
<filter-class>com.headers.config.MyCustomHeadersFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>MyCustomHeadersFilter</filter-name>
<url-pattern>*.html</url-pattern>
</filter-mapping>
MyCustomHeadersFilter
com.headers.config.MyCustomHeadersFilter
MyCustomHeadersFilter
*.html
将标题添加到响应的筛选器类
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;
public class MyCustomHeadersFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
HttpServletResponse httpResp = (HttpServletResponse) response;
HeaderResponseWrapper headerResponseWrapper = new HeaderResponseWrapper(httpResp);
headerResponseWrapper.setHeader("Cache-Control", "no-cache, no-store, must-revalidate"); // HTTP 1.1.
headerResponseWrapper.setHeader("Pragma", "no-cache"); // HTTP 1.0.
headerResponseWrapper.setHeader("Expires", "0"); // Proxies.
chain.doFilter(request, headerResponseWrapper);
}
@Override
public void destroy() {
}
}
HeaderResponseWrapper类
import java.io.*;
import javax.servlet.http.*;
public class HeaderResponseWrapper extends HttpServletResponseWrapper {
private CharArrayWriter writer;
public HeaderResponseWrapper(HttpServletResponse response) {
super(response);
writer = new CharArrayWriter();
}
public PrintWriter getWriter() {
return new PrintWriter(writer);
}
public String toString() {
return writer.toString();
}
}
现在将这个类作为过滤器添加到tomcat的web.xml中,并将其映射到相关URL
<filter>
<filter-name>MyCustomHeadersFilter</filter-name>
<filter-class>com.headers.config.MyCustomHeadersFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>MyCustomHeadersFilter</filter-name>
<url-pattern>*.html</url-pattern>
</filter-mapping>
MyCustomHeadersFilter
com.headers.config.MyCustomHeadersFilter
MyCustomHeadersFilter
*.html
您好,您能解决吗?我只在ApacheWebServer上找到了这样做的方法,但没有在ApacheTomcathello@Andres上找到。是的,我能够绕过它。我所做的是创建了一个自定义servlet过滤器,并将其添加到相关路径的tomcat配置中?。也许这对其他有同样问题的人会有很大的帮助,这篇文章可以标记为已解决。谢谢@Andres添加了这个类。你好,你能解决它吗?我只在ApacheWebServer上找到了这样做的方法,但没有在ApacheTomcathello@Andres上找到。是的,我能够绕过它。我所做的是创建了一个自定义servlet过滤器,并将其添加到相关路径的tomcat配置中?。也许这对其他有同样问题的人会有很大的帮助,这篇文章可以标记为已解决。谢谢@安德烈斯加入了这个班。