Use Cors to achieve JS cross-domain access to Tomcat resources

The first step: page JS code:

functioncreatecorsrequest (method, url) {varXHR =NewXMLHttpRequest (); if("Withcredentials"inchxhr) {Xhr.open (method, URL,true); } Else if(typeofXdomainrequest! = "undefined") {XHR=Newxdomainrequest ();    Xhr.open (method, URL); } Else{XHR=NULL; }    returnxhr;}varRequest = Createcorsrequest ("Get", "http://192.168.5.221:8080/");if(Request) {Request.onreadystatechange=function(){        if(Request.readystate = = 4 && request.status = 200) {            varResponse =Request.responsetext; Console.log (Response)} request.send ();}

Step Two: Create the following two XML files under the Webapps/root directory under the Tomcat server
ClientAccessPolicy.xml

<?XML version= "1.0" encoding= "Utf-8"?><Access-policy>  <cross-domain-access>    <Policy>        <Allow-fromhttp-request-headers="*">          <DomainURI="*"/>        </Allow-from>        <grant-to>          <ResourcePath="/"include-subpaths= "true"/>        </grant-to>      </Policy>    </cross-domain-access>  </Access-policy>  

Crossdomain.xml

<? XML version= "1.0" ?>    < Cross-domain-policy >    <  domain= "*"/>    </cross-domain-policy >

Step three: In the Tomcat server under Conf/web.xml, or in Project Web-inf/web.xml, I chose to configure the filter under the project. I have verified two, one is the Cors filter under Tomcat, and the other is the filter under Cors-filter-1.7.jar. I've tested both, no problem.

The filter configuration for applying Tomcat is as follows: Parameter cors.alloworigin can specify a specific source to access

<Filter>  <Filter-name>Corsfilter</Filter-name>  <Filter-class>Org.apache.catalina.filters.CorsFilter</Filter-class>  <Init-param>    <Param-name>Cors.allowed.origins</Param-name>    <Param-value>*</Param-value>  </Init-param>  <Init-param>    <Param-name>Cors.allowed.methods</Param-name>    <Param-value>Get,post,head,options,put</Param-value>  </Init-param>  <Init-param>    <Param-name>Cors.allowed.headers</Param-name>    <Param-value>Content-type,x-requested-with,accept,origin,access-control-request-method,access-control-request-headers</Param-value>  </Init-param>  <Init-param>    <Param-name>Cors.exposed.headers</Param-name>    <Param-value>Access-control-allow-origin,access-control-allow-credentials</Param-value>  </Init-param>  <Init-param>    <Param-name>Cors.support.credentials</Param-name>    <Param-value>True</Param-value>  </Init-param>  <Init-param>    <Param-name>Cors.preflight.maxage</Param-name>    <Param-value>10</Param-value>  </Init-param></Filter><filter-mapping>  <Filter-name>Corsfilter</Filter-name>  <Url-pattern>/*</Url-pattern></filter-mapping>

Or apply Cors-filter-1.7.jar, also need Java-property-utils-1.9.jar, can in http://mvnrepository.com/artifact/ Com.thetransactioncompany/cors-filter Select a version to import Pom.xml, the jar package is imported automatically.

The configuration is as follows: Parameter cors.alloworigin can specify a specific source to access

<Filter>    <Filter-name>CORS</Filter-name>    <Filter-class>Com.thetransactioncompany.cors.CORSFilter</Filter-class>    <Init-param>     <Param-name>Cors.alloworigin</Param-name>        <Param-value>*</Param-value>    </Init-param>    <Init-param>     <Param-name>Cors.supportedmethods</Param-name>        <Param-value>GET, POST, HEAD, PUT, DELETE</Param-value>    </Init-param>    <Init-param>     <Param-name>Cors.supportedheaders</Param-name>        <Param-value>Accept, Origin, X-requested-with, Content-type, last-modified</Param-value>    </Init-param>    <Init-param>        <Param-name>Cors.exposedheaders</Param-name>        <Param-value>Set-cookie</Param-value>    </Init-param>    <Init-param>        <Param-name>Cors.supportscredentials</Param-name>        <Param-value>True</Param-value>    </Init-param></Filter><filter-mapping>    <Filter-name>CORS</Filter-name>    <Url-pattern>/*</Url-pattern></filter-mapping>

The first time to write a blog, what bad Place, welcome to guide!

Reference documents:

http://www.nczonline.net/blog/2010/05/25/cross-domain-ajax-with-cross-origin-resource-sharing/

Http://tomcat.apache.org/tomcat-7.0-doc/config/filter.html#CORS_Filter

http://ibleave60.blog.51cto.com/2669415/1208652

http://blog.csdn.net/liumm0000/article/details/8443550

Use Cors to achieve JS cross-domain access to Tomcat resources