Java RESTful服务的Jquery调用不工作CORS

我在Tomcat 7上部署了一个rest服务并正在运行。 我可以通过浏览器获取响应数据,但是当我通过jQuery尝试它时,它显示错误。 请检查快照。 

@Override public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException { HttpServletRequest httpReq = (HttpServletRequest) req; HttpServletResponse httpRes = (HttpServletResponse) res; //System.out.println("Client Ip is : "+ SecurityFilter.getClientIpAddr(httpReq)); String domain = new URL(httpReq.getRequestURL().toString()).getHost(); //System.out.println("Domain is " + domain); // referrer String referrer = httpReq.getHeader("referer"); //System.out.println("Referral URL is -" + referrer); // Security Key String securityKey = httpReq.getParameter("secKey"); //System.out.println("Security Key Parameter " + securityKey); // Origin // No Origin header present means this is not a cross-domain request String clientOrigin = httpReq.getHeader("Origin"); //System.out.println("Origin of the Request " + clientOrigin); // CORS implementation httpRes.addHeader("Access-Control-Allow-Origin", "*"); httpRes.addHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS"); // httpRes.addHeader("Access-Control-Allow-Origin", clientOrigin); if ("OPTIONS".equalsIgnoreCase(httpReq.getMethod())) { httpRes.addHeader("Access-Control-Allow-Credentials", "true"); } ValidateClient vl = new ValidateClient(); String secKey = "fmg_seckey"; //"SEC_1";; String clientUrl = "fmggroup.com";//"www.xyzclient1.com"; // if request is coming from third party. Referral will be null if all // request is from same server. if (referrer != null) { clientUrl = referrer.split("/")[2]; secKey = securityKey; } //System.out.println("Security Key " + secKey); //System.out.println("Domain Name for the client " + clientUrl); if (vl.isValidClient(secKey, clientUrl)) { // httpReq.getRequestDispatcher("/intellixservices/activetime").forward(httpReq,httpRes); chain.doFilter(httpReq, httpRes); } else { httpRes.sendError(HttpServletResponse.SC_UNAUTHORIZED,"Not Authorised"); // httpReq.getRequestDispatcher("/intellixservices/exception").forward(httpReq, // httpRes); } }

在资源类中: 

 // CORS implementation private String corsHeaders; private Response makeCORS(ResponseBuilder responseBuilder, String returnMethod) { ResponseBuilder rb = responseBuilder.header("Access-Control-Allow-Origin", "*") .header("Access-Control-Allow-Methods", "GET, POST, OPTIONS"); if (!"".equals(returnMethod)) { rb.header("Access-Control-Allow-Headers", returnMethod); } return rb.build(); } private Response makeCORS(ResponseBuilder responseBuilder) { return makeCORS(responseBuilder, corsHeaders); } @OPTIONS public Response getEmployee(@HeaderParam("Access-Control-Request-Headers") String request) { corsHeaders = request; return makeCORS(Response.ok(), request); }

然后回来 

 Response response = Response.status(404).build(); if (mf != null) { response = makeCORS(Response.status(200).entity(mf)); } else { response = makeCORS(Response.status(500)); } return response;

我无法解决它。 请建议。

在此处输入图像描述

这是我的jQuery调用: – 

      (function($) { var url = 'http://localhost:8888/IntellixWebApi/intellixservices/dnareport/MTk3MC0wOS0wNFQwNjowNTowMA==/NDEuNTU4MTUyNSA=/LTczLjA1MTQ5NjYg/QW1lcmljYS9OZXdfWW9yaw==/MTpBOjB8QToxOjF8MToxOjE=/json'; $.ajax({ type: 'GET', url: url, async: true, contentType: 'application/json', success: function(response) { alert("success"); }, error: function(xhr) { alert('Error! Status = ' + xhr.status + " Message = " + xhr.statusText); } }); })(jQuery);

我经过大量的谷歌搜索后以任何方式解决了这个问题。 我在web.xml中添加了CORSfilter和java实用程序jarfilter以及一些配置更改。 这些链接非常有用

链接1

链接2

谢谢大家的帮助。

可以将以下内容添加到响应中,它可以防止CORS问题: 

 Response.status(200) .header("Access-Control-Allow-Origin", request.getHeader("Origin")) .header("Access-Control-Allow-Headers", "origin, content-type, accept, authorization") .header("Access-Control-Allow-Credentials", "true") .header("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS, HEAD") .header("Access-Control-Max-Age", "1209600") .entity(applicationSyncService.buildApplicationData()) .build();

响应的类型为:HttpServletRequest。 但这可能是安全漏洞。

您可以像这样从jquery进行调用: 

 $.ajax({ xhrFields: { withCredentials: true }, type: 'GET', url: server + '/hello', dataType: 'json', async: true, success: function(data){ if(data.connected){ //your code }, error: function(a, b, c){ } });

这是一个更简单的解决方案,无需使用filter。

Interesting Posts

使用php代理的跨域Ajax GET请求

为什么Firebug网络和控制台结果不同

CORS问题:获取错误“No’Access-Control-Allow-Origin’标题存在”实际存在时

Angular $ http.get和jQuery $ .getJSON错误,但URL在自己的选项卡中打开正常

关于跨源资源共享(CORS)如何工作的困惑

当API不允许Access-Control-Allow-Origin时该怎么办

读取和解析unicode json数据在IE和FF中不起作用

Jquery AJAX:请求的资源上没有“Access-Control-Allow-Origin”标头

jQuery Ajax – 来自Localhost的POST生成没有’Access-Control-Allow-Origin’标头

基于jQuery AJAX SOAP的Web服务和CORS(跨域资源共享)