小贝子编程

jQuery ajax应用程序和tomcat服务器的CORS实现/启用



尽管CORS上有数百个主题,但我找不到我想要的,或者没有什么能帮助我解决问题。

我的情况是

  • 我有一个应用程序正在运行http://localhost:8011其需要消耗在另一服务器上运行的一些服务http://localhost:8022

  • 我使用jQuery(1.7.1)ajax将另一台服务器中的服务调用为

var Request = '<?xml version="1.0" encoding="UTF-8"?> 
                    <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> 
                      <SOAP-ENV:Body> 
                        <TicorRequest xmlns="urn:Ticor" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ServiceName="Quote_Gen"> 
                          <WorkDocuments> 
                            <Premium_details id="Premium_details_id_1">                             
                              <quote_components id="Quote_components_id_1"> 
                                <AAC_Membership>400000</AAC_Membership> 
                                <Adjustment_fee>2000</Adjustment_fee>      
                              </quote_components> 
                            </Premium_details>                             
                          </WorkDocuments> 
                        </TicorRequest> 
                      </SOAP-ENV:Body> 
                    </SOAP-ENV:Envelope>';
var TicorService = $.ajax({
                            type: "POST",
                            processData: false,
                            url: "http://localhost:8022/axis/services/Ticor",
                            data: Request,
                            beforeSend: function(xhr){xhr.setRequestHeader('SOAPAction', 'urn:Ticor'); },                                                 
                            xhrFields: { withCredentials: false },          
                            contentType: "text/xml; charset="utf-8"",
                            crossDomain: true,                          
                            dataType: "xml",
                            success: function(data, status, req)
                            {
                              alert(data);
                            },
                            error: function(XMLHttpRequest, textStatus, errorThrown)
                            {
                              alert(errorThrown);
                            },
                            complete: function(XMLHttpRequest, textStatus)
                            {                           
                            }
                    });
  • 但我在Chrome中收到了以下错误消息

XMLHttpRequest无法加载http://localhost:8022/axis/services/Ticor.对飞行前请求的响应未通过访问控制检查:请求的资源上不存在"access control Allow Origin"标头。原点'http://localhost:8011因此不允许访问响应的HTTP状态代码为200

  • 然后,我尝试在Tomcat服务器的web.xml文件中添加以下内容(该文件为7.0.42)
    <filter>
      <filter-name>CorsFilter</filter-name>
      <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
      <init-param>
        <param-name>cors.allowed.origins</param-name>
        <param-value>*</param-value>
      </init-param>
      <init-param>
        <param-name>cors.allowed.methods</param-name>
        <param-value>GET,POST,HEAD,OPTIONS,PUT</param-value>
      </init-param>
      <init-param>
        <param-name>cors.allowed.headers</param-name>
        <param-value>Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers</param-value>
      </init-param>
      <init-param>
        <param-name>cors.exposed.headers</param-name>
        <param-value>Access-Control-Allow-Origin,Access-Control-Allow-Credentials</param-value>
      </init-param>
      <init-param>
        <param-name>cors.support.credentials</param-name>
        <param-value>true</param-value>
      </init-param>
      <init-param>
        <param-name>cors.preflight.maxage</param-name>
        <param-value>10</param-value>
      </init-param>
    </filter>
    <filter-mapping>
      <filter-name>CorsFilter</filter-name>
      <url-pattern>/*</url-pattern>
    </filter-mapping>
  • 添加以上内容后,我得到了相同的错误消息,但带有。响应的HTTP状态代码为403

你能告诉我我在这里缺了什么吗?还是其他选择?

我遇到了同样的问题,发现在chrome中向localhost上的不同源源发出请求时总是会出现此错误。我试着在IE中运行,然后运行得很好。我在chrome中运行的解决方案是禁用chrome上的CORS-安全:

RUN-->Chrome.exe--禁用网络安全

这里有一个引用,指出chrome不支持本地主机处理CORS请求,请参阅链接:https://bugs.chromium.org/p/chromium/issues/detail?id=67743

另见stackoverflow帖子:致命CORS当http://localhost是的原点

您的javascript执行xhr.setRequestHeader('SOAPAction', 'urn:Ticor');以发送标头SOAPAction。但是这个不在cors.allowed.headers中。你必须修改web.xml中的过滤器配置:

<init-param>
    <param-name>cors.allowed.headers</param-name>
    <param-value>Content-Type,X-Requested-With,Accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,SOAPAction</param-value>
</init-param>

更新

将参数值accept更改为Accept

相关内容

最新更新


热门标签:

javascript python java c# php android html jquery c++ css ios sql mysql arrays asp.net json python-3.x ruby-on-rails .net sql-server django objective-c excel regex ruby linux ajax iphone xml vba spring asp.net-mvc database wordpress string postgresql wpf windows xcode bash git oracle list vb.net multithreading eclipse algorithm macos powershell visual-studio image forms numpy scala function api selenium