我在使用 Atmosphere 框架 (https://github.com/Atmosphere/atmosphere) 构建的网络应用程序中启用 CORS 时遇到问题
我的请求类似于:
/**
* @constructor
* @extends {goog.events.EventTarget}
*
* @param {string} id The id.
* @param {string} url The url.
* @param {Object} request The request options.
*/
atom.Request = function(id, url, request) {
this.setParentEventTarget(core.inject(atom));
this.url = url;
this.requestOptions_ = {};
goog.object.extend(this.requestOptions_, request);
goog.object.extend(this.requestOptions_, {
'url' : url,
'onError' : goog.bind(this.onError, this),
'onClose' : goog.bind(this.onClose, this),
'onOpen': goog.bind(this.onOpen, this),
'fallbackTransport' : 'jsonp',
'onMessage' : goog.bind(this.onMessage, this),
'onMessagePublished': goog.bind(this.onMessagePublished, this),
'onReconnect': goog.bind(this.onReconnect, this),
'enableXDR': 'true',
'transport': 'streaming'
});
this.id_ = id;
this.request_ = $.atmosphere.subscribe(this.requestOptions_);
};
goog.inherits(atom.Request, goog.events.EventTarget);
在服务器(tomcat7.0.32)上,我的过滤器是transactioncompany cors过滤器(http://software.dzhuvinov.com/cors-filter.html)
web.xml:
<filter>
<filter-name>corsFilter</filter-name>
<filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class>
<init-param>
<param-name>cors.allowGenericHttpRequests</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>cors.allowOrigin</param-name>
<param-value>*</param-value>
</init-param>
<init-param>
<param-name>cors.supportedMethods</param-name>
<param-value>GET, HEAD, POST, OPTIONS</param-value>
</init-param>
<init-param>
<param-name>cors.supportedHeaders</param-name>
<param-value>Origin, Content-Type, X-Requested-With, Access-Control-Allow-Origin</param-value>
</init-param>
<init-param>
<param-name>cors.supportsCredentials</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>cors.maxAge</param-name>
<param-value>3600</param-value>
</init-param>
</filter>
当我向客户发出请求时,我会得到
Access-Control-Allow-Origin 不允许 Origin http://localhost。
错误。
请求信息:
Request Headers
Cache-Control:no-cache
Origin:http://localhost
Pragma:no-cache
Referer:http://localhost/sportsdesk/build/development/en/application.html
User-Agent:Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.79 Safari/537.1
Query String Parameters
X-Atmosphere-tracking-id:0
X-Atmosphere-Framework:1.1
X-Atmosphere-Transport:streaming
X-Cache-Date:0
_:1352918719739
对于这个问题,我现在真的没有想法了。有人能发现吗?
干杯, 麦克风。
最佳答案
将 cors.supportsCredentials 设置为“false”(如果您在 XHR 请求上设置 withCredentials,则可以随时重新启用它)。
关于java - CORS - 起源 http ://localhost is not allowed by Access-Control-Allow-Origin. 错误。,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/13398344/