項目後臺用header的token字段接收token數據
String token = request.getHeader("token");
前端ajax請求報錯:
from origin 'http://192.168.1.100:8020' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
簡單來說就是,當在進行跨域請求的時候,如果是自定義請求頭,如添加自定義"token"字段,那麼HTTP請求會發出一個預檢請求,即OPTIONS請求,訪問服務器是否允許該請求,如果瀏覽器沒有進行跨域設置,則就會出現上面的錯誤。因爲header沒有token這個字段,識別不到
解決:
1、引入jar包
<dependency> <groupId>com.thetransactioncompany</groupId> <artifactId>cors-filter</artifactId> </dependency>
2、在Web.xml中添加CORS過濾器配置:
<filter>
<filter-name>CORS</filter-name>
<filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class>
<init-param>
<param-name>cors.allowOrigin</param-name>
<param-value>*</param-value>
</init-param>
<init-param>
<param-name>cors.supportedMethods</param-name>
<param-value>GET, POST, HEAD, PUT, DELETE</param-value>
</init-param>
<init-param>
<param-name>cors.supportedHeaders</param-name>
<param-value>token,Accept, Origin, X-Requested-With, Content-Type,
Last-Modified</param-value>
</init-param>
<init-param>
<param-name>cors.exposedHeaders</param-name>
<param-value>Set-Cookie</param-value>
</init-param>
<init-param>
<param-name>cors.supportsCredentials</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CORS</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
注意: