1. 首頁
  2. 問答
  3. 谷歌App Engine和CORS

谷歌App Engine和CORS

2012-04-28 192 views
9

我有一個簡單的應用程序(java servlet)託管在GAE上。該應用程序返回json數據。我已經設置了頭信息爲在servlet如下:谷歌App Engine和CORS

resp.setContentType("application/json"); 
resp.setHeader("Access-Control-Allow-Origin", "*"); 
resp.setHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS"); 
resp.setHeader("Access-Control-Allow-Credentials", "true");

這裏的頭信息,當我去到URL直接在應用程序引擎:

Request Method:GET 
Status Code:200 OK 
Request Headersview source 
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 
Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3 
Accept-Encoding:gzip,deflate,sdch 
Accept-Language:en-US,en;q=0.8 
Cache-Control:max-age=0 
Connection:keep-alive 
Host:---------.appspot.com 
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.19 (KHTML, like Gecko)   Chrome/18.0.1025.162 Safari/535.19 
Response Headersview source 
Access-Control-Allow-Credentials:true 
Access-Control-Allow-Methods:GET, POST, OPTIONS 
Access-Control-Allow-Origin:* 
Cache-Control:private 
Content-Encoding:gzip 
Content-Length:340 
Content-Type:application/json; charset=ISO-8859-1 
Date:Sat, 28 Apr 2012 19:14:58 GMT 
Server:Google Frontend 
Vary:Accept-Encoding

但是,當我嘗試訪問該網址從不同的域,我得到如下回應:

Request Method:OPTIONS 
Status Code:500 Internal Server Error 
Request Headersview source 
Accept:*/* 
Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3 
Accept-Encoding:gzip,deflate,sdch 
Accept-Language:en-US,en;q=0.8 
Access-Control-Request-Headers:origin, x-requested-with, accept 
Access-Control-Request-Method:GET 
Connection:keep-alive 
Host:----------.appspot.com 
Origin:http://--------------.com 
Referer:http://-------------.com/map/ 
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.162 Safari/535.19 
Response Headersview source 
Content-Length:466 
Content-Type:text/html; charset=UTF-8 
Date:Sat, 28 Apr 2012 19:15:14 GMT 
Server:Google Frontend

這裏是確切的錯誤:

XMLHttpRequest cannot load http://----------.appspot.com/Locations. Origin http://-------------.com is not allowed by Access-Control-Allow-Origin.

試圖訪問GAE網址的代碼看起來是這樣的:

$.getJSON("http://---------appspot.com/Locations",function(result){ 
    for (i=0; i < result.length; i++)

任何幫助將是非常感激。

來源

2012-04-28 Sean D

+0

您的應用程序返回一個500,這可能意味着它拋出一個未捕獲的異常。檢查你的日誌,看看爲什麼。 – 2012-04-30 06:14:35

回答

7

您需要重寫標準的HttpServlet.doOptions()方法以支持正確的pre-flight request processing

@Override 
protected void doOptions(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException 
{ 
    // pre-flight request processing 
    resp.setHeader("Access-Control-Allow-Origin", "*"); 
    resp.setHeader("Access-Control-Allow-Methods", SUPPORTED_METHODS); 
    resp.setHeader("Access-Control-Allow-Headers", SUPPORTED_HEADERS); 
} 

@Override 
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException 
{ 
    resp.setHeader("Access-Control-Allow-Origin", "*"); 
    resp.setContentType("application/json"); 

    // implementation... 
}

來源

2012-12-10 12:30:38

3

看起來您的請求早於preflight request,因爲當請求OPTIONS <URL>時,服務器響應500(它應該用200 +特定標頭響應)。

您可能想要查看HTML5rocks tutorial on CORS,特別是在解釋預檢請求(OPTIONS <url>請求,您的應用程序無法使用200 +所需標頭回復)的服務器上添加CORS支持。

來源

2012-04-28 20:58:29 alex

0

這是另一種解決方案(爲我工作):

  1. 配置CORS支持你的Java應用程序引擎項目:

隨着MVN把你的pom.xml文件:

<!-- CORS Support for Jetty --> 
<dependency> 
    <artifactId>jetty-servlets</artifactId> 
    <groupId>org.eclipse.jetty</groupId> 
    <version>9.2.22.v20170606</version> 
</dependency>

或者下載jar文件:jetty-servlets.jar,把它放在你的WEB-INF/lib中

  • 配置web.xml文件:

    <filter> <filter-name>cross-origin</filter-name> <filter-class>org.eclipse.jetty.servlets.CrossOriginFilter</filter-class> <init-param> <param-name>allowedOrigins</param-name> <param-value>*</param-value> </init-param> <init-param> <param-name>allowedMethods</param-name> <param-value>GET,POST,HEAD</param-value> </init-param> <init-param> <param-name>allowedHeaders</param-name> <param-value>X-Requested-With,Content-Type,Accept,Origin</param-value> </init-param> </filter> <filter-mapping> <filter-name>cross-origin</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>

    • 也許你需要改變allowedOrigins域值和一個自定義的URL。

    這就是所有,構建和快樂編碼。

    對於aditional的信息:How to add Access-Control-Allow-Origin to jetty server

    來源

    2017-08-24 16:02:10 Heberth

    相關問題

     相關問題