首先我们来了解一下,core 请求的原理:
core方式简单来说它用到的是过滤器,通过过滤器来配置response,
重点,过滤器的在web.xml的位置也起着重要影响,按自己的需求来处理
详细如下:
(1)如果想过滤action 请求来跨越
那么这个过滤器就要继承structs的过滤器,代码如下
web.xml配置过滤器信息
<filter>
<filter-name>AjaxFilter</filter-name>
<filter-class>com.gxuwz.core.util.AjaxFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>AjaxFilter</filter-name>
<url-pattern>/biz/*</url-pattern> <!-- 这里过滤的是带/biz/的请求,例如<%=path%>/biz/test_method.action -->
</filter-mapping>
AjaxFilter过滤器代码
package com.gxuwz.core.util;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter;
public class AjaxFilter extends StrutsPrepareAndExecuteFilter { //这里继承了structs的过滤器
protected final Log logger = LogFactory.getLog(getClass());
public void destroy() {
}
public void doFilter(ServletRequest req, ServletResponse res,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res;
response.setHeader("Access-Control-Allow-Origin","*");
response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, Cookie");
response.setHeader("Access-Control-Allow-Methods", "GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH");
response.setHeader("Access-Control-Allow-Credentials", "true");
chain.doFilter(request, response);
}
public void init(FilterConfig arg0) throws ServletException { }
}
提示:建议在web.xml中把这个过滤器放在structs过滤器的前面。这个过滤器继承了structs过滤器只对action请求进行过滤。
如果想过滤全部请求,就不要继承structs过滤器。
但我建议两个都写,只是位置要改变(web.xml)
例如:(假设)
<filter>
<filter-name>1</filter-name>
<filter-class>url</filter-class>
</filter>
<filter-mapping>
<filter-name>1</filter-name>
<url-pattern>/biz/*</url-pattern> <!-- 这里过滤的是带/biz/的请求,例如<%=path%>/biz/test_method.action -->
</filter-mapping>
<filter> <!--structs 特有过滤器 不需要自己写 -->
<filter-name>struts2</filter-name>
<filter-class>org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>struts2</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter>
<filter-name>2</filter-name>
<filter-class>url</filter-class>
</filter>
<filter-mapping>
<filter-name>2</filter-name>
<url-pattern>/biz/*</url-pattern> <!-- 能过滤全部请求的过滤器 -->
</filter-mapping>
这里我提供一个 能过滤全部请求的过滤器
package com.gxuwz.core.util;
import java.io.IOException;
import java.net.URL;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.springframework.web.filter.OncePerRequestFilter;
public class CrossDomainFilter extends OncePerRequestFilter {
@Override
protected void doFilterInternal(HttpServletRequest request,
HttpServletResponse response, FilterChain filterChain) throws
ServletException, IOException {
String referer = request.getHeader("referer");
if (StringUtils.isNotBlank(referer)) {
URL url = new URL(referer);
String origin = url.getProtocol() + "://" + url.getHost();
response.addHeader("Access-Control-Allow-Origin", origin);
} else {
response.addHeader("Access-Control-Allow-Origin", "*");
}
response.addHeader("Access-Control-Allow-Credentials", "true");
response.addHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE");
response.addHeader("Access-Control-Allow-Headers", "Content-Type");
filterChain.doFilter(request, response);
}
}