Tomcat通过CORS解决跨域问题

如需转载请标明出处：http://blog.csdn.net/itas109 

QQ技术交流群：129518033

跨域资源共享（ CORS ） 简介：

https://developer.mozilla.org/zh-CN/docs/Web/HTTP/Access_control_CORS

跨域资源共享（ CORS ）机制允许 Web 应用服务器进行跨域访问控制，从而使跨域数据传输得以安全进行。浏览器支持在 API 容器中（例如 XMLHttpRequest 或 Fetch ）使用 CORS，以降低跨域 HTTP 请求所带来的风险。

解决的问题：

通过Ajax方式访问跨域的js。

相关文件下载：

http://download.csdn.net/detail/itas109/9821399

Tomcat通过CORS解决跨域问题

1.下载库文件

a.java-property-utils-1.9.1.jar

https://repo1.maven.org/maven2/com/thetransactioncompany/java-property-utils/1.9.1/java-property-utils-1.9.1.jar

b.java-property-utils-1.9.1.jar

http://search.maven.org/remotecontent?filepath=com/thetransactioncompany/java-property-utils/1.9.1/java-property-utils-1.9.1.jar

2.JAR放置路径

Tomcat有两种路径选择：

a.如果你打算利用CORS与一个单一的Web应用 把JAR文件放到

$CATALINA_HOME/webapps/<your-web-app>/WEB-INF/lib/

b.如果要CORS对所有Web应用程序全局有效，将JAR文件放在

$CATALINA_HOME/lib/

另外，如果你使用Maven构建的，添加下面的依赖到pom.xml

<dependency><groupId>com.thetransactioncompany</groupId><artifactId>cors-filter</artifactId><version>[ version ]</version></dependency>

3.添加CORS到web.xml文件

a.添加过滤器代码：

<filter><filter-name>CORS</filter-name><filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class></filter>

b.添加过滤器路由代码：

<filter-mapping>        <filter-name>CORS</filter-name>        <url-pattern>/*</url-pattern></filter-mapping>

web.xml修改demo

http://software.dzhuvinov.com/files/cors/web.xml.txt

<?xml version="1.0" encoding="UTF-8"?><web-app xmlns="http://java.sun.com/xml/ns/j2ee"         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"         xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"         version="2.4"><display-name>CORS demo</display-name><description>Simple CORS demo</description><servlet><!-- Some servlet --><servlet-name>HelloWorld</servlet-name><servlet-class>com.thetransactioncompany.cors.demo.HelloWorldServlet</servlet-class></servlet><servlet-mapping><!-- Some servlet mapping --><servlet-name>HelloWorld</servlet-name><url-pattern>/cors-resource.html</url-pattern></servlet-mapping><filter><!-- The CORS filter with parameters --><filter-name>CORS</filter-name><filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class><!-- Note: All parameters are options, if omitted the CORS      Filter will fall back to the respective default values.  --><init-param><param-name>cors.allowGenericHttpRequests</param-name><param-value>true</param-value></init-param><init-param><param-name>cors.allowOrigin</param-name><param-value>*</param-value></init-param><init-param><param-name>cors.allowSubdomains</param-name><param-value>false</param-value></init-param><init-param><param-name>cors.supportedMethods</param-name><param-value>GET, HEAD, POST, OPTIONS</param-value></init-param><init-param><param-name>cors.supportedHeaders</param-name><param-value>*</param-value></init-param><init-param><param-name>cors.exposedHeaders</param-name><param-value>X-Test-1, X-Test-2</param-value></init-param><init-param><param-name>cors.supportsCredentials</param-name><param-value>true</param-value></init-param><init-param><param-name>cors.maxAge</param-name><param-value>3600</param-value></init-param></filter><filter-mapping><!-- CORS Filter mapping --><filter-name>CORS</filter-name><url-pattern>/cors-resource.html</url-pattern></filter-mapping></web-app>

4.重启Tomcat

参考：

https://www.w3.org/TR/cors/

http://tomcat.apache.org/tomcat-7.0-doc/config/filter.html#CORS_Filter

https://developer.mozilla.org/zh-CN/docs/Web/HTTP/Access_control_CORS

http://software.dzhuvinov.com/cors-filter-installation.html

https://github.com/eBay/cors-filter

http://mvnrepository.com/artifact/com.thetransactioncompany/cors-filter/2.5

http://www.cnblogs.com/chiyouguli/p/4283349.html

觉得文章对你有帮助，可以用微信扫描二维码捐赠给博主，谢谢！

 如需转载请标明出处：http://blog.csdn.net/itas109 

QQ技术交流群：129518033