GlassFish: How to set Access-Control-Allow-Origin header

后端未结

关注

 4  726

没有蜡笔的小新 2020-12-05 21:49

I am using the latest version of GlassFish. I want to set the Access-Control-Allow-Origin header in response so that my API which is hosted on GlassFish can be called from a

4条回答

醉酒成梦 (楼主)

2020-12-05 22:28

In my case, the API requests are exclusively handled by Jersey, therefore I can set response headers in a ContainerResponseFilter:

package my.app;

import com.sun.jersey.spi.container.ContainerRequest;
import com.sun.jersey.spi.container.ContainerResponse;
import com.sun.jersey.spi.container.ContainerResponseFilter;

public class CrossOriginResourceSharingFilter implements ContainerResponseFilter {

    @Override
    public ContainerResponse filter(ContainerRequest creq, ContainerResponse cresp) {

        cresp.getHttpHeaders().putSingle("Access-Control-Allow-Origin", "*");
        cresp.getHttpHeaders().putSingle("Access-Control-Allow-Credentials", "true");
        cresp.getHttpHeaders().putSingle("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT");
        cresp.getHttpHeaders().putSingle("Access-Control-Allow-Headers", "Content-Type, Accept");

        return cresp;
    }
}

The filter gets enabled in web.xml:


    Gateway Servlet
    com.sun.jersey.spi.container.servlet.ServletContainer
    
        com.sun.jersey.spi.container.ContainerResponseFilters
        my.app.CrossOriginResourceSharingFilter
    
    1

If you don't use Jersey, I guess you can create a similar servlet response filter.

0 讨论(0)

查看其它4个回答