项目中遇到跨域问题。所以记录下。
项目A (ajax方式)请求到项目B 。
一:需要在B中 做些配置 添加个过滤器
我的是SpringMVC的.
package net.pt365.cms.api.spring.security;
import org.springframework.stereotype.Component;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
/**
* CorsFileter 功能描述:CORS过滤器
* @author
*/
@Component
public class CorsFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletResponse response = (HttpServletResponse) servletResponse;
HttpServletRequest request=(HttpServletRequest)servletRequest;
response.setHeader("Access-Control-Allow-Origin", request.getHeader("Origin"));//request.getHeader("Origin")
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "0");
response.setHeader("P3P","CP=CAO PSA OUR");
response.setHeader("Access-Control-Allow-Headers", "Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With,userId,token");
response.setHeader("Access-Control-Allow-Credentials", "true");
response.setHeader("XDomainRequestAllowed","1");
filterChain.doFilter(servletRequest,servletResponse);
}
@Override
public void destroy() {
}
}
这样的话就能实现跨域了。如果单单实现跨域,上面有些不必要的语句,不过写了不会错。。
只做这样的配置会导致 跨域后session丢失。也就是session不一致的问题。最后结果就是 比如没登陆这种问题,
所以,还有ajax配置。
二:前台ajax写法
var transformurl ="http://127.0.0.1:231/app/document/transform.do"; //跨域请求
$.ajax({
url:transformurl,
data:{url:fileurl},
method:"post",xhrFields:{withCredentials: true},crossDomain: true,
success:function(res){
//console.log();
}
});
xhrFields:{withCredentials: true},crossDomain: true,
response.setHeader("P3P","CP=CAO PSA OUR");//这句是过滤器中的配置
对的起作用就是这2句。。解决了session不一致的问题 。
好了。完美!