1. 首页
  2. 问答
  3. 谷歌App Engine和CORS

谷歌App Engine和CORS

2012-04-28 122 views
9

我有一个简单的应用程序(java servlet)托管在GAE上。该应用程序返回json数据。我已经设置了头信息为在servlet如下:谷歌App Engine和CORS

resp.setContentType("application/json"); 
resp.setHeader("Access-Control-Allow-Origin", "*"); 
resp.setHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS"); 
resp.setHeader("Access-Control-Allow-Credentials", "true");

这里的头信息,当我去到URL直接在应用程序引擎:

Request Method:GET 
Status Code:200 OK 
Request Headersview source 
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 
Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3 
Accept-Encoding:gzip,deflate,sdch 
Accept-Language:en-US,en;q=0.8 
Cache-Control:max-age=0 
Connection:keep-alive 
Host:---------.appspot.com 
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.19 (KHTML, like Gecko)   Chrome/18.0.1025.162 Safari/535.19 
Response Headersview source 
Access-Control-Allow-Credentials:true 
Access-Control-Allow-Methods:GET, POST, OPTIONS 
Access-Control-Allow-Origin:* 
Cache-Control:private 
Content-Encoding:gzip 
Content-Length:340 
Content-Type:application/json; charset=ISO-8859-1 
Date:Sat, 28 Apr 2012 19:14:58 GMT 
Server:Google Frontend 
Vary:Accept-Encoding

但是,当我尝试访问该网址从不同的域,我得到如下回应:

Request Method:OPTIONS 
Status Code:500 Internal Server Error 
Request Headersview source 
Accept:*/* 
Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3 
Accept-Encoding:gzip,deflate,sdch 
Accept-Language:en-US,en;q=0.8 
Access-Control-Request-Headers:origin, x-requested-with, accept 
Access-Control-Request-Method:GET 
Connection:keep-alive 
Host:----------.appspot.com 
Origin:http://--------------.com 
Referer:http://-------------.com/map/ 
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.162 Safari/535.19 
Response Headersview source 
Content-Length:466 
Content-Type:text/html; charset=UTF-8 
Date:Sat, 28 Apr 2012 19:15:14 GMT 
Server:Google Frontend

这里是确切的错误:

XMLHttpRequest cannot load http://----------.appspot.com/Locations. Origin http://-------------.com is not allowed by Access-Control-Allow-Origin.

试图访问GAE网址的代码看起来是这样的:

$.getJSON("http://---------appspot.com/Locations",function(result){ 
    for (i=0; i < result.length; i++)

任何帮助将是非常感激。

来源

2012-04-28 Sean D

+0

您的应用程序返回一个500,这可能意味着它抛出一个未捕获的异常。检查你的日志,看看为什么。 – 2012-04-30 06:14:35

回答

7

您需要重写标准的HttpServlet.doOptions()方法以支持正确的pre-flight request processing

@Override 
protected void doOptions(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException 
{ 
    // pre-flight request processing 
    resp.setHeader("Access-Control-Allow-Origin", "*"); 
    resp.setHeader("Access-Control-Allow-Methods", SUPPORTED_METHODS); 
    resp.setHeader("Access-Control-Allow-Headers", SUPPORTED_HEADERS); 
} 

@Override 
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException 
{ 
    resp.setHeader("Access-Control-Allow-Origin", "*"); 
    resp.setContentType("application/json"); 

    // implementation... 
}

来源

2012-12-10 12:30:38

3

看起来您的请求早于preflight request,因为当请求OPTIONS <URL>时,服务器响应500(它应该用200 +特定标头响应)。

您可能想要查看HTML5rocks tutorial on CORS,特别是在解释预检请求(OPTIONS <url>请求,您的应用程序无法使用200 +所需标头回复)的服务器上添加CORS支持。

来源

2012-04-28 20:58:29 alex

0

这是另一种解决方案(为我工作):

  1. 配置CORS支持你的Java应用程序引擎项目:

随着MVN把你的pom.xml文件:

<!-- CORS Support for Jetty --> 
<dependency> 
    <artifactId>jetty-servlets</artifactId> 
    <groupId>org.eclipse.jetty</groupId> 
    <version>9.2.22.v20170606</version> 
</dependency>

或者下载jar文件:jetty-servlets.jar,把它放在你的WEB-INF/lib中

  • 配置web.xml文件:

    <filter> <filter-name>cross-origin</filter-name> <filter-class>org.eclipse.jetty.servlets.CrossOriginFilter</filter-class> <init-param> <param-name>allowedOrigins</param-name> <param-value>*</param-value> </init-param> <init-param> <param-name>allowedMethods</param-name> <param-value>GET,POST,HEAD</param-value> </init-param> <init-param> <param-name>allowedHeaders</param-name> <param-value>X-Requested-With,Content-Type,Accept,Origin</param-value> </init-param> </filter> <filter-mapping> <filter-name>cross-origin</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>

    • 也许你需要改变allowedOrigins域值和一个自定义的URL。

    这就是所有,构建和快乐编码。

    对于aditional的信息:How to add Access-Control-Allow-Origin to jetty server

    来源

    2017-08-24 16:02:10 Heberth

    相关问题

     相关问题