Jax-rs Development (iv): A cors solution for Ajax cross-domain access to rest services

Previous blog We solve the problem of Ajax cross-domain through JSONP, this article will solve the cross-domain problem through cors. Cors is new to HTML5 and requires a higher version of the browser to support it. I use IE11 and Chrome41, both of which support the Cors specification. Cors can refer to the following articles:

Cors specification
http://www.w3.org/TR/cors/

Cors Browser compatibility
http://caniuse.com/#search =cors

TOMCAT7 's Cors Solution
Http://tomcat.apache.org/tomcat-7.0-doc/config/filter.html#CORS_Filter

Cors Introduction
Http://www.cnblogs.com/Darren_code/p/cors.html

If you are using tomcat7+, you can use its own filter to turn on the Cros function. You only need to configure under Web. XML:

<filter>  <filter-name>CorsFilter</filter-name>  <filter-class> Org.apache.catalina.filters.corsfilter</filter-class></filter><filter-mapping>  < Filter-name>corsfilter</filter-name>  <url-pattern>/*</url-pattern></filter-mapping >

If you do not use the Cors filter for the Web container, you can configure the CXF Cros filter in Cxf-spring.xml.

<?xml version= "1.0" encoding= "UTF-8"? ><beans xmlns= "Http://www.springframework.org/schema/beans" xmlns: Xsi= "Http://www.w3.org/2001/XMLSchema-instance" xmlns:jaxrs= "Http://cxf.apache.org/jaxrs" xsi:schemalocation= " http://www.springframework.org/schema/beanshttp://www.springframework.org/schema/beans/ Spring-beans-3.0.xsdhttp://cxf.apache.org/jaxrshttp://cxf.apache.org/schemas/jaxrs.xsd "><jaxrs:server address= "/rest" ><jaxrs:servicebeans><ref bean= "Nameserviceimpl"/></jaxrs:servicebeans>< Jaxrs:providers><bean class= "Org.apache.cxf.rs.security.cors.CrossOriginResourceSharingFilter" ></ Bean></jaxrs:providers></jaxrs:server></beans>

Here's a special note: CXF filters allow us to configure alloworigins properties that allow those domains to be accessed across domains. However, if this property is set, CXF can still be accessed across domains under IE11, but it cannot be accessed across domains under Chrome. I don't know what the reason is. The Cors filter provided by Tomcat does not have this problem.

Finally, the cross-domain access to the JS code can be seen with normal JS no difference.

Cross-domain Access $.ajax ({  type: ' Get ',  URL: ' Http://10.61.48.173:8080/aty-rest/rest/rest/welcome ',  success: function (data) {alert (json.stringify (data));  }});

Finally, I enclose a few very good blogs:

Implementation principle of JSONP protocol
http://m.oschina.net/blog/204279
Http://www.open-open.com/lib/view/open1388316392141.html

Several solutions to cross-domain problems
http://segmentfault.com/a/1190000000718840



Jax-rs Development (iv): A cors solution for Ajax cross-domain access to rest services