java 服务器端解决跨域问题:现在很多开发的 API 都支持 ajax 直接请求,这样就会导致跨域的问题,解决跨域的问题一方面可以从前端,另一方面就是服务器端。既然是搞服务器端,做对外的 API 服务,当然是做到越简单越好,前端只需要傻傻的使用就好。
目前我接触来的情况是有 2 种实现方式,下面直接代码,你们根据自己项目情况,选择或者修改其中的代码,所有代码都是项目实战中运行的。第一种情况,比较简单,让所有的 controller 类继承自定义的 BaseController 类,改类中将对返回的头部做些特殊处理。
- public abstract class BaseController {
- /** * description:send the ajax response back to the client side * @param responseObj * @param response */
- protected void writeAjaxJSONResponse(Object responseObj, HttpServletResponse response) {
- response.setCharacterEncoding("UTF-8");
- response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate"); // HTTP 1.1 response.setHeader("Pragma", "no-cache"); // HTTP 1.0 /** * for ajax-cross-domain request TODO get the ip address from * configration(ajax-cross-domain.properties) */ response.setHeader("Access-Control-Allow-Origin", "*"); response.setDateHeader("Expires", 0); // Proxies. PrintWriter writer = getWriter(response); writeAjaxJSONResponse(responseObj, writer); } /** * * @param response * @return */ protected PrintWriter getWriter(HttpServletResponse response) { if(null == response){ return null; } PrintWriter writer = null; try { writer = response.getWriter(); } catch (IOException e) { logger.error("unknow exception", e); } return writer; } /** * description:send the ajax response back to the client side. * * @param responseObj * @param writer * @param writer */ protected void writeAjaxJSONResponse(Object responseObj, PrintWriter writer) { if (writer == null || responseObj == null) { return; } try { writer.write(JSON.toJSONString(responseObj,SerializerFeature.DisableCircularReferenceDetect)); } finally { writer.flush(); writer.close(); } }}
接下来就是我们自己业务的 controller 了,其中主要是要调用 writeAjaxJSONResponse(result, response); 这个方法
- @Controller@RequestMapping(value = "/account") public class AccountController extends BaseController {@RequestMapping(value = "/add", method = RequestMethod.POST) public void addAccount(HttpSession session, HttpServletRequest request, HttpServletResponse response) {
- ViewerResult result = new ViewerResult(); //实现自己业务逻辑代码 writeAjaxJSONResponse(result, response); }}
- 好了,这种简单的方式就实现了。 接下来介绍第二种方式,filter。我们在写springMVC的时候,更喜欢的方式是通过@ResponseBody给返回对象进行封装直接返回给前端,这样简单而且容易。 如果使用@ResponseBody就不能使用第一种方法了,所有就使用filter给所有的请求都封装一下跨域,接下来直接实现代码:
- import java.io.IOException;
- import javax.servlet.Filter;
- import javax.servlet.FilterChain;
- import javax.servlet.FilterConfig;
- import javax.servlet.ServletException;
- import javax.servlet.ServletRequest;
- import javax.servlet.ServletResponse;
- import javax.servlet.http.HttpServletResponse;
- public class HeadersCORSFilter implements Filter {@Override public void init(FilterConfig filterConfig) throws ServletException { // TODO Auto-generated method stub } @Override public void doFilter(ServletRequest request, ServletResponse servletResponse, FilterChain chain) throws IOException, ServletException { HttpServletResponse response = (HttpServletResponse) servletResponse; response.setHeader("Access-Control-Allow-Origin", "*"); response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE"); response.setHeader("Access-Control-Max-Age", "3600"); response.setHeader("Access-Control-Allow-Headers", "x-requested-with,Authorization"); response.setHeader("Access-Control-Allow-Credentials","true"); chain.doFilter(request, servletResponse); } @Override public void destroy() { // TODO Auto-generated method stub }}
好了,filter 实现了,然后就是要在 web.xml 里面把这个 filter 运用起来了。打开项目的 web.xml,填写下面的几行代码:
- cors xxx.xxxx.xxxxx.xxxx.HeadersCORSFilter cors / open
- /* */
- 好了,通过上面的2种方式,可以解决百分之80的跨域问题,也许还有更好的解决方案,可以提出来大家一起学习学习。最好的方案是最符合当前需求且易于扩展的。
就爱阅读 www.92to.com 网友整理上传, 为您提供最全的知识大全, 期待您的分享,转载请注明出处。
来源: http://www.92to.com/bangong/2017/04-11/20301869.html