Doing CORS manually

I'm trying to debug my web app, I have a POST request. (using ajax, with xhrFields: { withCredentials: true } ). dataType is 'application/json', my server is tomcat and i set my "Access-Control-Allow-Origin" header manually to "http://localhost:8080".

other headers: response.addHeader("Access-Control-Allow-Credentials", "true"); response.addHeader("Access-Control-Allow-Headers", "x-request-verification-token");

Cant get this to work. this is the error i get:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://localhost:8080/MysServlet. (Reason: CORS header 'Access-Control-Allow-Origin' does not match 'http://localhost:8080').

thanks ahead!

---

If you want a configuration that apply to all your requests add in your web.xml the following filter:

<filter>
    <filter-name>originfilter</filter-name>
    <filter-class>it.damore.web.ApiOriginFilter</filter-class>
</filter>

<filter-mapping> 
    <filter-name>originfilter</filter-name>
    <url-pattern>/*</url-pattern> 
</filter-mapping> 

This is the ApiOriginFilter class:

 public class ApiOriginFilter implements javax.servlet.Filter {
    public void doFilter(ServletRequest request, ServletResponse response,
            FilterChain chain) throws IOException, ServletException {
        HttpServletResponse res = (HttpServletResponse) response;
        res.addHeader("Access-Control-Allow-Origin", "*");
        res.addHeader("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT");
        res.addHeader("Access-Control-Allow-Headers", "Content-Type");
        chain.doFilter(request, response);
    }

    public void destroy() {
    }

    public void init(FilterConfig filterConfig) throws ServletException {
    }
}

链接地址: http://www.djcxy.com/p/77394.html

上一篇: 如何在qt中设置小部件的绝对位置

下一篇: 手动进行CORS