1. 首页
  2. 问答
  3. 跨域请求被阻止,angularjs休息呼叫球衣api

跨域请求被阻止,angularjs休息呼叫球衣api

2016-06-21 104 views
3

我完全难住。我对AngularJS非常陌生,我试图给我的球衣服务器api打个电话,但我没有运气。它使用curl或Advanced Rest客户端(Chrome浏览器插件)。然而,当我尝试用我的angularjs应用程序打我的休息时,我收到以下内容:跨域请求被阻止,angularjs休息呼叫球衣api

“跨源请求被阻止:同源策略不允许读取远程资源http://localhost:8080/JerseyDemos/rest/employees(原因:CORS头'访问控制 - 允许 - 来源'丢失)。“

客户:我angularjs代码片段

$scope.login = function() { 

This lets me connect to my server on a different domain 
    $http.defaults.headers.common['Authorization'] = 'Basic ' + Base64.encode('username' + ':' + 'password'); 

    $http({method: 'GET', url: 'http://localhost:8080/JerseyDemos/rest/employees'}). 
    success(function(data) { 
    console.log(data) 
    }).

SERVER:我用的球衣框架

我的继承人CORS过滤器...

import java.io.IOException; 
import javax.ws.rs.container.ContainerRequestContext; 
import javax.ws.rs.container.ContainerResponseContext; 
import javax.ws.rs.container.ContainerResponseFilter; 

public class CorsResponseFilter implements ContainerResponseFilter { 

@Override 
public void filter(ContainerRequestContext request, 
        ContainerResponseContext response) throws IOException { 
    response.getHeaders().add("Access-Control-Allow-Origin", "*"); 
    response.getHeaders().add("Access-Control-Allow-Headers", 
      "origin, content-type, accept, authorization"); 
    response.getHeaders().add("Access-Control-Allow-Credentials", "true"); 
    response.getHeaders().add("Access-Control-Allow-Methods", 
      "GET, POST, PUT, DELETE, OPTIONS, HEAD"); 
}

}

应用类注册我的CORS过滤器

import com.howtodoinjava.jersey.provider.CorsResponseFilter; 
import org.glassfish.jersey.filter.LoggingFilter; 
import org.glassfish.jersey.server.ResourceConfig; 
import com.howtodoinjava.jersey.provider.AuthenticationFilter; 
import com.howtodoinjava.jersey.provider.GsonMessageBodyHandler; 
public class CustomApplication extends ResourceConfig { 
public CustomApplication() 
{ 
    packages("com.howtodoinjava.jersey"); 
    register(CorsResponseFilter.class); 
    register(LoggingFilter.class); 
    register(GsonMessageBodyHandler.class); 
    register(AuthenticationFilter.class); 
}

}

的web.xml 

<display-name>Archetype Created Web Application</display-name> 

<servlet> 
    <servlet-name>jersey-serlvet</servlet-name> 
    <servlet-class>org.glassfish.jersey.servlet.ServletContainer</servlet-class> 
    <init-param> 
     <param-name>javax.ws.rs.Application</param-name> 
     <param-value>com.howtodoinjava.jersey.CustomApplication</param-value> 
    </init-param> 
    <load-on-startup>1</load-on-startup> 
</servlet> 

<servlet-mapping> 
    <servlet-name>jersey-serlvet</servlet-name> 
    <url-pattern>/rest/*</url-pattern> 
</servlet-mapping>

员工休息片断

@Provider 
@Path("/employees") 
public class JerseyService { 
@Path("/all") 
@RolesAllowed("ADMIN") 
@GET 
@Produces(MediaType.APPLICATION_JSON) 
public Response getAllEmployees() 
{ 
    Employees list = new Employees(); 
    list.setEmployeeList(new ArrayList<Employee>()); 

    list.getEmployeeList().add(new Employee(1, "Lokesh Gupta")); 
    list.getEmployeeList().add(new Employee(2, "Alex Kolenchiskey")); 
    list.getEmployeeList().add(new Employee(3, "David Kameron")); 

    return Response.status(200).entity(list).header("Access-Control-Allow-Origin", "GET, POST, PUT, DELETE, OPTIONS, HEAD").build(); 
}

来源

2016-06-21 Marquis Palmer

回答

2

这是谁是刚刚开始接触网络的人一个非常常见的错误服务,解决问题真的很简单,但s有时开发人员花费数小时努力寻找解决方案。它发生在创建Web服务并尝试从其他应用程序访问它时发生,因为您没有启用跨源资源共享(CORS),这意味着加载到一个域中的应用程序无法与来自不同域的资源。你所要做的就是启用CORS。

如何激活它将取决于您的场景,在本教程中,我将演示如何为在Glassfish上运行的Java EE应用程序启用CORS,我假设您有一个类似于EJB REST的Web服务这一个,当其他应用程序尝试使用它时,你会在你的萤火虫控制台上看到Cross-Origin Request Blocked错误,在这种情况下,你所要做的就是在你的应用程序中创建一个过滤器,就像创建一个类一样您的项目:

import java.io.IOException; 
import javax.servlet.Filter; 
import javax.servlet.FilterChain; 
import javax.servlet.FilterConfig; 
import javax.servlet.ServletException; 
import javax.servlet.ServletRequest; 
import javax.servlet.ServletResponse; 
import javax.servlet.http.HttpServletResponse; 

public class CORSFilter implements Filter { 

    @Override 
    public void init(FilterConfig filterConfig) throws ServletException { 
    } 

    @Override 
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, 
      FilterChain filterChain) throws IOException, ServletException { 
     final HttpServletResponse response = (HttpServletResponse) servletResponse; 
     response.setHeader("Access-Control-Allow-Origin", "*"); 
     response.setHeader("Access-Control-Allow-Credentials", "true"); 
     response.setHeader("Access-Control-Allow-Methods", "POST, GET, HEAD, OPTIONS"); 
     response.setHeader("Access-Control-Allow-Headers", "Origin, Accept, x-auth-token, " 
       + "Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers"); 
     filterChain.doFilter(servletRequest, servletResponse); 
    } 

    @Override 
    public void destroy() { 

    } 

}

现在你必须在你的web.xml您的实际包名称注册的过滤器,将以下代码复制并替换“yourPackage”:

<filter> 
    <filter-name>cors</filter-name> 
    <filter-class>yourPackage.CORSFilter</filter-class> 
</filter> 
<filter-mapping> 
    <filter-name>cors</filter-name> 
    <url-pattern>/*</url-pattern> 
</filter-mapping>

就是这样!现在您的应用程序将允许其资源与其他域共享。

Other Cross-Origin Request fix..

来源

2016-06-22 05:30:34

相关问题

 相关问题