问题
I'm developing a JavaFX application that is mostly a glorified web page. It's a desktop application (it's no embedded into a web page) and it has a Web View for the main UI. The application itself serves the sole purpose of accessing Bluetooth devices using Bluecove because that's not possible directly with JavaScript on a web browser.
The proof of concept works ok (I was able to call JavaScript code from Java and vice-versa) but I have one extra requirement of calling arbitrary web services/API from within JavaScript but this violates the same origin policy (similar to this on Android: Allow remote ajax calls in an Android Webview + jquery mobile). Is this possible on JavaFX? Any tips?
P.S.: I'm using JavaFX 2.2.
回答1:
Basically, javaFx has the issue which is coupled with CORS - https://javafx-jira.kenai.com/browse/RT-35868. Assuming that web services which you are using, have CORS enabled you can try the following approach:
System.setProperty("sun.net.http.allowRestrictedHeaders", "true")
OR
java -Dsun.net.http.allowRestrictedHeaders=true <your main class here>
Hope it will help you
回答2:
Since you are already running in JavaFX as a desktop application, you can do your JavaScript call via Java, where the same-origin policy does not apply.
Alternatively, this answer to the SO question you've posted seems to be a viable alternative.
回答3:
Look at this answer first, then look at my answer:How can I work around YouTube API embed restrictions like other websites?
if ("sun/net/www/protocol/http/HttpURLConnection".equals(className)) {
try {
CtClass ctClass = classPool.makeClass(new ByteArrayInputStream(classfileBuffer));
CtMethod method = ctClass.getDeclaredMethod("getFilteredHeaderFields");
// inject cross domain code
injectCrossDomain(method);
byteCode = ctClass.toBytecode();
ctClass.detach();
} catch (Exception e) {
e.printStackTrace();
throw new CatalinaException(e);
}
}
----------------injectCrossDomain----------------
private void injectCrossDomain(CtMethod method) throws CannotCompileException {
StringBuilder sb = new StringBuilder();
sb.append("if (this.filteredHeaders != null) {");
sb.append(" return this.filteredHeaders;");
sb.append("} else {");
sb.append(" java.util.HashMap var2 = new java.util.HashMap();");
sb.append(" java.util.Map var1;");
sb.append(" if (this.cachedHeaders != null) {");
sb.append(" var1 = this.cachedHeaders.getHeaders();");
sb.append(" } else {");
sb.append(" var1 = this.responses.getHeaders();");
sb.append(" }");
sb.append(" java.util.Iterator var3 = var1.entrySet().iterator();");
sb.append(" while(var3.hasNext()) {");
sb.append(" java.util.Map.Entry var4 = (java.util.Map.Entry)var3.next();");
sb.append(" String var5 = (String)var4.getKey();");
sb.append(" java.util.List var6 = (java.util.List)var4.getValue();");
sb.append(" java.util.ArrayList var7 = new java.util.ArrayList();");
sb.append(" java.util.Iterator var8 = var6.iterator();");
sb.append(" while(var8.hasNext()) {");
sb.append(" String var9 = (String)var8.next();");
sb.append(" String var10 = this.filterHeaderField(var5, var9);");
sb.append(" if (var10 != null) {");
sb.append(" var7.add(var10);");
sb.append(" }");
sb.append(" }");
sb.append(" if (!var7.isEmpty()) {");
// insert Access-Control-Allow-Origin:*
sb.append(" var2.put(\"Access-Control-Allow-Origin\", java.util.Collections.singletonList(\"*\"));");
// insert Access-Control-Allow-Headers:*
sb.append(" var2.put(\"Access-Control-Allow-Headers\", java.util.Collections.singletonList(\"*\"));");
sb.append(" var2.put(var5, java.util.Collections.unmodifiableList(var7));");
sb.append(" }");
sb.append(" }");
sb.append(" return this.filteredHeaders = java.util.Collections.unmodifiableMap(var2);");
sb.append("}");
method.setBody(sb.toString());
}
来源:https://stackoverflow.com/questions/16215844/javafx-webview-disable-same-origin-policy-allow-cross-domain-requests