我有一个带有resteasy提供的REST接口的Java应用程序服务器,并且下面有CORS过滤器
@Provider
public class CORSFilter implements ContainerResponseFilter {
public void filter(ContainerRequestContext cReq, ContainerResponseContext cResp) {
cResp.getHeaders().add("Access-Control-Allow-Origin", "*");
cResp.getHeaders().add("Access-Control-Allow-Headers", "origin, content-type, accept, authorization, auth-token");
cResp.getHeaders().add("Access-Control-Allow-Credentials", "true");
cResp.getHeaders().add("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS, HEAD");
cResp.getHeaders().add("Access-Control-Max-Age", "1209600");
}
}
所有请求均以CORS标头返回:
OPTIONS 200 OK
Access-Control-Allow-Credentials:"true"
Access-Control-Allow-Headers:"origin, content-type, accept, authorization, auth-token"
Access-Control-Allow-Methods:"GET, POST, PUT, DELETE, OPTIONS, HEAD"
Access-Control-Allow-Origin:"*"
Access-Control-Max-Age:"1209600"
Allow:"HEAD, GET, OPTIONS"
Connection:"keep-alive"
Content-Length:"18"
Content-Type:"text/plain"
Date:"Thu, 15 Jan 2015 15:23:01 GMT"
Server:"WildFly/8"
除非当我有一个内部异常返回错误代码500时:
GET 500 Internal Server Error
Connection:"keep-alive"
Content-Length:"8228"
Content-Type:"text/html; charset=UTF-8"
Date:"Thu, 15 Jan 2015 15:23:01 GMT"
如何使500个响应包含这些标题?
@Provider
public class CorsExceptionMapper implements ExceptionMapper<Exception> {
@Override
public Response toResponse(Exception ex) {
ResponseBuilder responseBuilder = Response.serverError();
responseBuilder.header("Access-Control-Allow-Origin", "*");
responseBuilder.header("Access-Control-Allow-Headers", "origin, content-type, accept, authorization, auth-token");
responseBuilder.header("Access-Control-Allow-Credentials", "true");
responseBuilder.header("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS, HEAD");
responseBuilder.header("Access-Control-Max-Age", "1209600");
return responseBuilder.build();
}
}
为了避免重复标题,您应该使用:
cResp.getHeaders().putSingle()
在ContainerResponseFilter
。
本文收集自互联网,转载请注明来源。
如有侵权,请联系 [email protected] 删除。
我来说两句