我正在尝试配置 GWT 应用程序以使用不同的后端服务器(运行 Tomcat 7.0.26)。
我按照该网站的说明配置了 CORS 过滤器:http: //software.dzhuvinov.com/cors-filter-installation.html
我使用了示例 GWT 代码(Greetings App),并进行了以下修改:
在 GWT App 中,我在 RPC 调用之前添加了这一行:
((ServiceDefTarget) greetingService).setServiceEntryPoint("http://remoteserver/testcors/greet");我修改了 web.xml 并添加了 CORS 过滤器:
<filter> <!-- The CORS filter with parameters --> <filter-name>CORS</filter-name> <filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class> <!-- Note: All parameters are options, if ommitted CORS Filter will fall back to the respective default values. --> <init-param> <param-name>cors.allowGenericHttpRequests</param-name> <param-value>true</param-value> </init-param> <init-param> <param-name>cors.allowOrigin</param-name> <param-value>*</param-value> </init-param> <init-param> <param-name>cors.allowSubdomains</param-name> <param-value>false</param-value> </init-param> <init-param> <param-name>cors.supportedMethods</param-name> <param-value>GET, HEAD, POST, OPTIONS</param-value> </init-param> <init-param> <param-name>cors.supportedHeaders</param-name> <param-value>Content-Type, X-Requested-With</param-value> </init-param> <init-param> <param-name>cors.exposedHeaders</param-name> <param-value>X-Test-1, X-Test-2</param-value> </init-param> <init-param> <param-name>cors.supportsCredentials</param-name> <param-value>true</param-value> </init-param> <init-param> <param-name>cors.maxAge</param-name> <param-value>3600</param-value> </init-param> </filter> <filter-mapping> <!-- CORS Filter mapping --> <filter-name>CORS</filter-name> <url-pattern>/testcors/greet</url-pattern> </filter-mapping>
如果我从“远程服务器”访问 TestCORS 应用程序,一切正常,我可以看到添加了这些标头:
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Access-Control-Allow-Origin: http://remoteserver
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: X-Test-2, X-Test-1
Content-Encoding: gzip
Content-Disposition: attachment
Content-Type: application/json;charset=utf-8
Content-Length: 214
Date: Sun, 24 Feb 2013 15:12:42 GMT
但是,如果我访问在本地机器(127.0.0.1:8888)上运行的同一个 TestCORS GWT 应用程序,我会收到以下错误:
请求标头:
OPTIONS /testcors/greet HTTP/1.1
Host: remoteserver
Connection: keep-alive
Access-Control-Request-Method: POST
Origin: http://127.0.0.1:8888
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_2) AppleWebKit/537.17 (KHTML, like Gecko) Chrome/24.0.1312.57 Safari/537.17
Access-Control-Request-Headers: x-gwt-module-base, x-gwt-permutation, origin, content-type
Accept: */*
Referer: http://127.0.0.1:8888/TestCORS.html
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
响应标头:
HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Content-Type: text/plain;charset=ISO-8859-1
Content-Length: 96
Date: Sun, 24 Feb 2013 15:14:38 GMT
我尝试了不同的浏览器(Chrome 版本 24.0.1312.57、Safari 版本 6.0.2 (8536.26.17)、Firefox 18.0.2、Opera 版本 12.14),我得到了服务器返回的相同错误 - HTTP 403。
我看到很少有人遇到类似的问题,但我无法找到解决方案:
非常感谢任何帮助!