堆栈内存溢出
  简体   繁体   English

使dropwizard中的cors无法正常工作

[英]Enabling cors in dropwizard not working

 原文  2014-09-10 21:26:42       java/ dropwizard

问题描述

I'm working on a dropwizard application and js ui to interacte with the api. 我正在研究一个dropwizard应用程序和js ui来与api交互。 I need to load json data to update views but I have to enable cors in dropwizard before that. 我需要加载json数据来更新视图,但我必须在之前启用dropwizard中的cors。 I did some staff but it seems not working because dropwizard returns allways 204 no content. 我做了一些工作人员,但似乎没有工作因为dropwizard总是返回204没有内容。 

@Override
public void run(final BGConfiguration configuration, final Environment environment) throws Exception {
  final Map<String, String> params = new HashMap<>();
  params.put("Access-Control-Allow-Origin", "/*");
  params.put("Access-Control-Allow-Credentials", "true");
  params.put("Access-Control-Expose-Headers", "true");
  params.put("Access-Control-Allow-Headers", "Content-Type, X-Requested-With");
  params.put("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
  environment.servlets().addFilter("cors", CrossOriginFilter.class).setInitParameters(params);
}

4 个解决方案

解决方案1
 52 已采纳  2014-09-12 06:09:16

The bug here is that the filter hasn't been configured with a URL path via the addMappingForUrlPatterns method. 这里的错误是过滤器尚未通过addMappingForUrlPatterns方法配置URL路径。

This worked for me using dropwizard 0.7.1: 这对我使用dropwizard 0.7.1: 

import org.eclipse.jetty.servlets.CrossOriginFilter;
import javax.servlet.DispatcherType;
import java.util.EnumSet;

public void run(Configuration conf, Environment environment)  {
    // Enable CORS headers
    final FilterRegistration.Dynamic cors =
        environment.servlets().addFilter("CORS", CrossOriginFilter.class);

    // Configure CORS parameters
    cors.setInitParameter("allowedOrigins", "*");
    cors.setInitParameter("allowedHeaders", "X-Requested-With,Content-Type,Accept,Origin");
    cors.setInitParameter("allowedMethods", "OPTIONS,GET,PUT,POST,DELETE,HEAD");

    // Add URL mapping
    cors.addMappingForUrlPatterns(EnumSet.allOf(DispatcherType.class), true, "/*");
}

I'm assuming you're testing this live in a browser, but you can verify via CLI with a curl command like this: 我假设您正在浏览器中进行实时测试,但您可以通过CLI验证这样的curl命令: 

$ curl -H "Origin: http://example.com" \
       -H "Access-Control-Request-Method: POST" \
       -H "Access-Control-Request-Headers: X-Requested-With" \
       -X OPTIONS --verbose \
       http://localhost:8080

You should see a bunch of Access-Control-* HTTP headers in the response. 您应该在响应中看到一堆Access-Control-* HTTP标头。

解决方案2
 7  2017-04-07 20:18:51

Adding to Mike Clarke's answer: 加入Mike Clarke的回答:

Setting the CHAIN_PREFLIGHT_PARAM to false will let this filter handle preflight requests without your authentication filters intercepting what would be a 200 response and turning them into unauthorized / forbidden. CHAIN_PREFLIGHT_PARAM设置为false将使此过滤器处理预检请求,而不会使您的身份验证过滤器拦截200响应并将其转换为未授权/禁止。 

import org.eclipse.jetty.servlets.CrossOriginFilter;
import javax.servlet.DispatcherType;
import java.util.EnumSet;

public void run(Configuration conf, Environment environment)  {
    // Enable CORS headers
    final FilterRegistration.Dynamic cors =
        environment.servlets().addFilter("CORS", CrossOriginFilter.class);

    // Configure CORS parameters
    cors.setInitParameter("allowedOrigins", "*");
    cors.setInitParameter("allowedHeaders", "X-Requested-With,Content-Type,Accept,Origin");
    cors.setInitParameter("allowedMethods", "OPTIONS,GET,PUT,POST,DELETE,HEAD");

    // Add URL mapping
    cors.addMappingForUrlPatterns(EnumSet.allOf(DispatcherType.class), true, "/*");

    // DO NOT pass a preflight request to down-stream auth filters
    // unauthenticated preflight requests should be permitted by spec
    cors.setInitParameter(CrossOriginFilter.CHAIN_PREFLIGHT_PARAM, Boolean.FALSE.toString());
}

I was surprised that I didn't find any examples on the interwebs that included this configuration. 我很惊讶我没有在包含此配置的互联网上找到任何示例。 Spent a few days trying to figure this out. 花了几天时间试图解决这个问题。

解决方案3
 1  2018-05-28 16:04:05

For me even after configuring the above, it was not working. 对我来说,即使配置了上述内容,也无法正常工作。 Ultimately it turned out that i have to also allow cache-control headers. 最终,我发现我还必须允许缓存控制头。 

filter.setInitParameter("allowedHeaders",
"Cache-Control,If-Modified-Since,Pragma,Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin");

解决方案4
 0  2019-09-06 10:37:05

you can try doing this: 你可以尝试这样做: 

final FilterRegistration.Dynamic cors =
        environment.servlets().addFilter("CORS", CrossOriginFilter.class);

// Configure CORS parameters
// Configure CORS parameters
cors.setInitParameter("allowedOrigins", "*");
cors.setInitParameter("allowedHeaders", “<Headers>”);
cors.setInitParameter("allowedMethods", "OPTIONS,GET,PUT,POST,");

// Add URL mapping
cors.addMappingForUrlPatterns(EnumSet.allOf(DispatcherType.class), true, "/*");

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 在Dropwizard中启用对资源的验证 - Enabling validation on your resources in Dropwizard Dropwizard bean验证不起作用 - Dropwizard bean validation not working 使用CORS头过滤器与dropwizard 0.7.0 - Using CORS header filter with dropwizard 0.7.0 在Java Web Service中启用CORS - Enabling CORS in Java Web Service 在 Spring Boot 中全局启用 CORS - Enabling CORS globally in Spring Boot 在春季安全标签中启用CORS - Enabling CORS in spring security label Dropwizard项目的Maven执行无法正常工作 - Maven exec for Dropwizard project was not working 为什么dropwizard配置不起作用? - Why does dropwizard configuration is not working? Dropwizard 0.8.2管理端口不起作用 - Dropwizard 0.8.2 Admin Port is not working Dropwizard Metric Annotations @Timed无效 - Dropwizard Metric Annotations @Timed not working
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM