无法使用 spring mvc 和 $http 访问 CORS 环境中的自定义标头

Posted 2023-03-04

【中文标题】无法使用 spring mvc 和 $http 访问 CORS 环境中的自定义标头

【英文标题】：Unable to access a customized header in CORS environment using spring mvc and $http

【发布时间】：2017-01-04 15:00:52

【问题描述】：

我对上述问题进行了广泛搜索，但找不到可行的解决方案。 请查看一些 imp 代码并提出建议。

// My factory method that returns a promise 
contactBackend : function(requestedMethod, requestedUrl,
                        requestedData) 
                    return $http(
                        method : requestedMethod,
                        url : backend + requestedUrl,
                        data : requestedData
                    );
                

//Actual Login method that calls the 
loginC.validateLogin = function() 
                welcomeMFactory.contactBackend("POST", "/rs/login",
                        loginC.user).then(
                        function(success) 
                            var msg = success.data.loginMsg;
                            if (msg == "login.valid") 
                                alert(JSON.stringify(success));
                                welcomeMFactory.moveToWidget("/home");
                             else 
                                loginC.error = welcomeMFactory.printMsg(
                                        true, msg);
                            
                        ,
                        function(error) 
                            loginC.error = welcomeMFactory.printMsg(true,
                                    "Unable to reach backend for login");
                        );
            

// SpringController.xml

<mvc:cors>
    <mvc:mapping path="/**" allowed-origins="http://localhost:8080"
        allowed-headers="content-type,authentication" exposed-headers="content-type,authentication" />
</mvc:cors>

//登录控制器

@Autowired
private LoginRespI response;

@Autowired
private ProxyHandler proxyHandler;

@Autowired
private LoginServiceImpl loginServiceImpl;

@RequestMapping(method = RequestMethod.POST)
public LoginRespB authenticateUserLogin(@RequestBody LoginReqB request, HttpServletResponse resp) 

    LoginDTO loginDTO = loginServiceImpl.validateLoginService(request.getUsername(), request.getPassword());
    if (loginDTO != null) 
        response.setLoginMsg("login.valid");
     else 
        response.setLoginMsg("login.invalid");
    

    Claims claims = Jwts.claims().setSubject("ABCDE");
    claims.put("ID", "12345");
    String toke = Jwts.builder().setClaims(claims).signWith(SignatureAlgorithm.HS512, "ABCDE").compact();
    resp.setHeader("Authentication", "Bearer: " + toke);

    return (LoginRespB) (proxyHandler.getTargetObject(response));

OPTIONS req/resp headers

Login req/resp headers

【问题讨论】：

仍然无法解决这个问题...有什么建议吗..？

【参考方案1】：

将此方法添加到您的代码中，它将允许跨域请求

package org.codingpedia.demo.rest.util;

import java.io.IOException;

import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerResponseContext;
import javax.ws.rs.container.ContainerResponseFilter;
import javax.ws.rs.core.MultivaluedMap;

public class CORSResponseFilter
implements ContainerResponseFilter 

public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext)
        throws IOException 

    MultivaluedMap<String, Object> headers = responseContext.getHeaders();

    headers.add("Access-Control-Allow-Origin", "*");
    //headers.add("Access-Control-Allow-Origin", "http://podcastpedia.org"); //allows CORS requests only coming from podcastpedia.org       
    headers.add("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT");          
    headers.add("Access-Control-Allow-Headers", "X-Requested-With, Content-Type, X-Codingpedia");

【讨论】：

感谢您的输入......但请澄清......我的代码有什么问题......？