要在Java中創(chuàng)建自定義CORS過濾器,請遵循以下步驟:
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>
<version>4.0.1</version>
<scope>provided</scope>
</dependency>
CORSFilter.java
的新Java類,并實現(xiàn)javax.servlet.Filter
接口:import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletResponse;
@WebFilter(asyncSupported = true, urlPatterns = { "/*" })
public class CORSFilter implements Filter {
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
HttpServletResponse httpResponse = (HttpServletResponse) response;
// 設(shè)置CORS相關(guān)的HTTP頭
httpResponse.setHeader("Access-Control-Allow-Origin", "*");
httpResponse.setHeader("Access-Control-Allow-Methods", "POST, GET, PUT, OPTIONS, DELETE");
httpResponse.setHeader("Access-Control-Max-Age", "3600");
httpResponse.setHeader("Access-Control-Allow-Headers", "Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With");
chain.doFilter(request, response);
}
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void destroy() {
}
}
在這個例子中,我們設(shè)置了以下CORS相關(guān)的HTTP頭:
Access-Control-Allow-Origin
: 允許所有來源訪問??梢詫⑵涓臑樘囟ǖ挠蛎蚴褂?code>*允許所有來源。Access-Control-Allow-Methods
: 允許的HTTP方法列表。Access-Control-Max-Age
: 預(yù)檢請求(preflight request)的結(jié)果被緩存的時間(以秒為單位)。Access-Control-Allow-Headers
: 允許的自定義請求頭列表。web.xml
文件中添加以下內(nèi)容: <filter-name>CORSFilter</filter-name>
<filter-class>com.example.CORSFilter</filter-class>
</filter><filter-mapping>
<filter-name>CORSFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
現(xiàn)在,您已經(jīng)成功創(chuàng)建了一個自定義CORS過濾器,它將允許跨域訪問您的Java Web應(yīng)用程序。根據(jù)需要調(diào)整CORS相關(guān)的HTTP頭以滿足您的需求。