1

我在尝试使用 GWT 客户端访问 REST Web 服务时遇到了这个问题。我检查了 chrome 页面,然后我从控制台收到以下错误

XMLHttpRequest cannot load http://localhost:8080/RestWeb/webresources/generic/get. Origin http://127.0.0.1:8888 is not allowed by Access-Control-Allow-Origin.

以下是我的客户端代码

public void onModuleLoad() {

    RequestBuilder builder = new RequestBuilder(RequestBuilder.GET,
            "http://localhost:8080/RestWeb/webresources/generic/get");

    builder.setCallback(new RequestCallback() {

        @Override
        public void onResponseReceived(Request request, Response response) {

            Window.alert("onResponseReceived");

        }

        @Override
        public void onError(Request request, Throwable exception) {

        }
    });
    builder.setHeader("Content-Type",
            "text/plain,application/json,text/xml");

    builder.setHeader("Access-Control-Allow-Methods",
            "PUT, GET, POST, DELETE, OPTIONS");
    builder.setHeader("Access-Control-Allow-Headers", "Content-Type");
    builder.setHeader("Access-Control-Allow-Origin", "http://127.0.0.1:8888");
try {
            builder.send();
        } catch (RequestException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }
    }
}

我的服务器端代码是:

@Path("generic")
@WebService
public class GenericResource {

@Context
private UriInfo context;
@Context
private HttpServletResponse response;
private String content = "content";

/**
 * Creates a new instance of GenericResource
 */
public GenericResource() {
}

@GET

@Path("/get")
@Produces("application/json,text/plain")
public String getXml() {
    System.out.println("GET");
    //response.addHeader(content, content);

    return this.content + " from get method";

}
}

我尝试了不同的方式来获得答案。请帮我。

4

2 回答 2

2

您需要更改服务器代码以支持 CORS。

一种选择是过滤器:

public class CorsFilter extends OncePerRequestFilter {

    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
            throws ServletException, IOException {
        if (request.getHeader("Access-Control-Request-Method") != null && "OPTIONS".equals(request.getMethod())) {
            // CORS "pre-flight" request
            response.addHeader("Access-Control-Allow-Origin", "*");
            response.addHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE");
            response.addHeader("Access-Control-Allow-Headers", "Content-Type");
            response.addHeader("Access-Control-Max-Age", "1800");//30 min
        }
        filterChain.doFilter(request, response);
    }
}

web.xml 也需要添加以下内容:

  <filter>
    <filter-name>cors</filter-name>
    <filter-class>com.xxx.CorsFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>cors</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>
于 2013-01-10T06:28:31.260 回答
0

由于这是一个老问题,如果有人今天面临类似的问题 - 他或她可能想考虑使用一个很好的“CORS 过滤器”,以完全透明的方式为您处理所有 CORS 内容。这是链接

于 2013-04-06T20:39:54.380 回答