java - CORS - 起源 http ://localhost is not allowed by Access-Control-Allow-Origin. 错误。

我在使用 Atmosphere 框架 (https://github.com/Atmosphere/atmosphere) 构建的网络应用程序中启用 CORS 时遇到问题

我的请求类似于:

/**
 * @constructor
 * @extends {goog.events.EventTarget}
 *
 * @param {string} id The id.
 * @param {string} url The url.
 * @param {Object} request The request options.
 */
atom.Request = function(id, url, request) {
  this.setParentEventTarget(core.inject(atom));
  this.url = url;
  this.requestOptions_ = {};
  goog.object.extend(this.requestOptions_, request);
  goog.object.extend(this.requestOptions_, {
    'url' : url,
    'onError' : goog.bind(this.onError, this),
    'onClose' : goog.bind(this.onClose, this),
    'onOpen': goog.bind(this.onOpen, this),
    'fallbackTransport' : 'jsonp',
    'onMessage' : goog.bind(this.onMessage, this),
    'onMessagePublished': goog.bind(this.onMessagePublished, this),
    'onReconnect': goog.bind(this.onReconnect, this),
    'enableXDR': 'true',
    'transport': 'streaming'
  });
  this.id_ = id;
  this.request_ = $.atmosphere.subscribe(this.requestOptions_);
};
goog.inherits(atom.Request, goog.events.EventTarget);

在服务器(tomcat7.0.32)上，我的过滤器是transactioncompany cors过滤器(http://software.dzhuvinov.com/cors-filter.html)

web.xml:

<filter>
    <filter-name>corsFilter</filter-name>
    <filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class>

      <init-param>
            <param-name>cors.allowGenericHttpRequests</param-name>
            <param-value>true</param-value>
       </init-param>
        <init-param>
            <param-name>cors.allowOrigin</param-name>
            <param-value>*</param-value>
       </init-param>
        <init-param>
            <param-name>cors.supportedMethods</param-name>
            <param-value>GET, HEAD, POST, OPTIONS</param-value>
       </init-param>
        <init-param>
            <param-name>cors.supportedHeaders</param-name>
            <param-value>Origin, Content-Type, X-Requested-With, Access-Control-Allow-Origin</param-value>
       </init-param>
        <init-param>
            <param-name>cors.supportsCredentials</param-name>
            <param-value>true</param-value>
       </init-param>
        <init-param>
            <param-name>cors.maxAge</param-name>
            <param-value>3600</param-value>
       </init-param>
</filter>

当我向客户发出请求时，我会得到 Access-Control-Allow-Origin 不允许 Origin http://localhost。 错误。

请求信息:

Request Headers 

Cache-Control:no-cache
Origin:http://localhost
Pragma:no-cache
Referer:http://localhost/sportsdesk/build/development/en/application.html
User-Agent:Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.79 Safari/537.1

Query String Parameters

X-Atmosphere-tracking-id:0
X-Atmosphere-Framework:1.1
X-Atmosphere-Transport:streaming
X-Cache-Date:0
_:1352918719739

对于这个问题，我现在真的没有想法了。有人能发现吗？

干杯，麦克风。

最佳答案

将 cors.supportsCredentials 设置为“false”(如果您在 XHR 请求上设置 withCredentials，则可以随时重新启用它)。

关于java - CORS - 起源 http ://localhost is not allowed by Access-Control-Allow-Origin. 错误。，我们在Stack Overflow上找到一个类似的问题： https://stackoverflow.com/questions/13398344/

java - CORS - 起源 http ://localhost is not allowed by Access-Control-Allow-Origin. 错误。

上一篇：具有单个日期字段的 Javabean 但需要使用日期范围对其进行搜索

下一篇：java - JPA 持久保存大 blob