1. 首頁
  2. 問答
  3. 春季數據REST(2.4.4.RELEASE)和CORS

春季數據REST(2.4.4.RELEASE)和CORS

2016-04-22 163 views
2

我想CORS支持通過以下塞巴斯蒂安·德勒茲建議在Spring Data Rest and Cors添加到Access JPA Data with RESTgs-accessing-data-rest-complete春季數據REST(2.4.4.RELEASE)和CORS

@Configuration 
public class ApplicationConfiguration { 
    @Bean 
    public CorsFilter corsFilter() { 

    UrlBasedCorsConfigurationSource source = 
     new UrlBasedCorsConfigurationSource(); 
    CorsConfiguration config = new CorsConfiguration(); 
    config.setAllowCredentials(true); // you USUALLY want this 
    config.addAllowedOrigin("*"); 
    config.addAllowedHeader("*"); 
    config.addAllowedMethod("GET"); 
    config.addAllowedMethod("PUT"); 
    source.registerCorsConfiguration("/**", config); 
    return new CorsFilter(source); 
    } 
}

,或者:

@Configuration 
public class ApplicationConfiguration { 
    @Bean 
    public FilterRegistrationBean corsFilter() { 
    UrlBasedCorsConfigurationSource source = 
     new UrlBasedCorsConfigurationSource(); 
    CorsConfiguration config = new CorsConfiguration(); 
    config.setAllowCredentials(true); 
    config.addAllowedOrigin("*"); 
    config.addAllowedHeader("*"); 
    config.addAllowedMethod("OPTIONS"); 
    config.addAllowedMethod("HEAD"); 
    config.addAllowedMethod("GET"); 
    config.addAllowedMethod("PUT"); 
    config.addAllowedMethod("POST"); 
    config.addAllowedMethod("DELETE"); 
    config.addAllowedMethod("PATCH"); 
    source.registerCorsConfiguration("/**", config); 
    // return new CorsFilter(source); 
    final FilterRegistrationBean bean = new FilterRegistrationBean(
     new CorsFilter(source) 
    ); 
    bean.setOrder(0); 
    return bean; 
    } 
}

但是這兩種配置導致相同的響應,不包括Access-Control-Allow-Origin標頭:

~> curl -v http://localhost:8080/people 
* Connected to localhost (::1) port 8080 (#0) 
> GET /people HTTP/1.1 
> Host: localhost:8080 
> Accept: */* 
< HTTP/1.1 200 OK 
< Server: Apache-Coyote/1.1 
< Content-Type: application/hal+json;charset=UTF-8 
< Transfer-Encoding: chunked 
< Date: Fri, 22 Apr 2016 21:29:26 GMT 
{ 
    "_embedded" : { 
    "people" : [ { 
     "firstName" : "Frodo", 
     "lastName" : "Baggins", 
     "_links" : { "self" : { 
      "href" : "http://localhost:8080/people/1" 
     }, "person" : { 
      "href" : "http://localhost:8080/people/1" 
     } } } ]  // for readability 
    }, "_links" : { 
    "self" : { 
     "href" : "http://localhost:8080/people" 
    }, "profile" : { 
     "href" : "http://localhost:8080/profile/people" 
    }, "search" : { 
     "href" : "http://localhost:8080/people/search" 
    } 
    }, "page" : { 
    "size" : 20, 
    "totalElements" : 1, 
    "totalPages" : 1, 
    "number" : 0 
    } 
* Connection #0 to host localhost left intact

的依賴關係的版本是:

~/gs-accessing-data-rest-complete> mvn dependency:tree 
[INFO] Scanning for projects... 
[INFO]                   
[INFO] ------------------------------------------------------------------------ 
[INFO] Building gs-accessing-data-rest 0.1.0 
[INFO] ------------------------------------------------------------------------ 
[INFO] 
[INFO] --- maven-dependency-plugin:2.10:tree (default-cli) @ gs-accessing-data-rest --- 
[INFO] org.springframework:gs-accessing-data-rest:jar:0.1.0 
[INFO] +- org.springframework.boot:spring-boot-starter-data-rest:jar:1.3.3.RELEASE:compile 
[INFO] | +- org.springframework.boot:spring-boot-starter:jar:1.3.3.RELEASE:compile 
[INFO] | | +- org.springframework.boot:spring-boot:jar:1.3.3.RELEASE:compile 
[INFO] | | +- org.springframework.boot:spring-boot-autoconfigure:jar:1.3.3.RELEASE:compile 
[INFO] | | +- org.springframework.boot:spring-boot-starter-logging:jar:1.3.3.RELEASE:compile 
[INFO] | | | +- ch.qos.logback:logback-classic:jar:1.1.5:compile 
[INFO] | | | | \- ch.qos.logback:logback-core:jar:1.1.5:compile 
[INFO] | | | +- org.slf4j:jul-to-slf4j:jar:1.7.16:compile 
[INFO] | | | \- org.slf4j:log4j-over-slf4j:jar:1.7.16:compile 
[INFO] | | +- org.springframework:spring-core:jar:4.2.5.RELEASE:compile 
[INFO] | | \- org.yaml:snakeyaml:jar:1.16:runtime 
[INFO] | +- org.springframework.boot:spring-boot-starter-web:jar:1.3.3.RELEASE:compile 
[INFO] | | +- org.springframework.boot:spring-boot-starter-tomcat:jar:1.3.3.RELEASE:compile 
[INFO] | | | +- org.apache.tomcat.embed:tomcat-embed-core:jar:8.0.32:compile 
[INFO] | | | +- org.apache.tomcat.embed:tomcat-embed-el:jar:8.0.32:compile 
[INFO] | | | +- org.apache.tomcat.embed:tomcat-embed-logging-juli:jar:8.0.32:compile 
[INFO] | | | \- org.apache.tomcat.embed:tomcat-embed-websocket:jar:8.0.32:compile 
[INFO] | | +- org.springframework.boot:spring-boot-starter-validation:jar:1.3.3.RELEASE:compile 
[INFO] | | | \- org.hibernate:hibernate-validator:jar:5.2.4.Final:compile 
[INFO] | | |  +- javax.validation:validation-api:jar:1.1.0.Final:compile 
[INFO] | | |  \- com.fasterxml:classmate:jar:1.1.0:compile 
[INFO] | | +- org.springframework:spring-web:jar:4.2.5.RELEASE:compile 
[INFO] | | \- org.springframework:spring-webmvc:jar:4.2.5.RELEASE:compile 
[INFO] | |  \- org.springframework:spring-expression:jar:4.2.5.RELEASE:compile 
[INFO] | +- com.fasterxml.jackson.core:jackson-annotations:jar:2.6.5:compile 
[INFO] | +- com.fasterxml.jackson.core:jackson-databind:jar:2.6.5:compile 
[INFO] | | \- com.fasterxml.jackson.core:jackson-core:jar:2.6.5:compile 
[INFO] | \- org.springframework.data:spring-data-rest-webmvc:jar:2.4.4.RELEASE:compile 
[INFO] |  +- org.springframework.data:spring-data-rest-core:jar:2.4.4.RELEASE:compile 
[INFO] |  | +- org.springframework.hateoas:spring-hateoas:jar:0.19.0.RELEASE:compile 
[INFO] |  | +- org.springframework.plugin:spring-plugin-core:jar:1.2.0.RELEASE:compile 
[INFO] |  | \- org.atteo:evo-inflector:jar:1.2.1:compile 
[INFO] |  +- com.github.fge:json-patch:jar:1.7:compile 
[INFO] |  | +- com.github.fge:jackson-coreutils:jar:1.6:compile 
[INFO] |  | | +- com.github.fge:msg-simple:jar:1.1:compile 
[INFO] |  | | | \- com.github.fge:btf:jar:1.2:compile 
[INFO] |  | | \- com.google.guava:guava:jar:16.0.1:compile 
[INFO] |  | \- com.google.code.findbugs:jsr305:jar:2.0.1:compile 
[INFO] |  +- org.slf4j:slf4j-api:jar:1.7.16:compile 
[INFO] |  \- org.slf4j:jcl-over-slf4j:jar:1.7.16:compile 
[INFO] +- org.springframework.boot:spring-boot-starter-data-jpa:jar:1.3.3.RELEASE:compile 
[INFO] | +- org.springframework.boot:spring-boot-starter-aop:jar:1.3.3.RELEASE:compile 
[INFO] | | +- org.springframework:spring-aop:jar:4.2.5.RELEASE:compile 
[INFO] | | | \- aopalliance:aopalliance:jar:1.0:compile 
[INFO] | | \- org.aspectj:aspectjweaver:jar:1.8.8:compile 
[INFO] | +- org.springframework.boot:spring-boot-starter-jdbc:jar:1.3.3.RELEASE:compile 
[INFO] | | +- org.apache.tomcat:tomcat-jdbc:jar:8.0.32:compile 
[INFO] | | | \- org.apache.tomcat:tomcat-juli:jar:8.0.32:compile 
[INFO] | | \- org.springframework:spring-jdbc:jar:4.2.5.RELEASE:compile 
[INFO] | +- org.hibernate:hibernate-entitymanager:jar:4.3.11.Final:compile 
[INFO] | | +- org.jboss.logging:jboss-logging:jar:3.3.0.Final:compile 
[INFO] | | +- org.jboss.logging:jboss-logging-annotations:jar:1.2.0.Beta1:compile 
[INFO] | | +- org.hibernate:hibernate-core:jar:4.3.11.Final:compile 
[INFO] | | | +- antlr:antlr:jar:2.7.7:compile 
[INFO] | | | \- org.jboss:jandex:jar:1.1.0.Final:compile 
[INFO] | | +- dom4j:dom4j:jar:1.6.1:compile 
[INFO] | | | \- xml-apis:xml-apis:jar:1.0.b2:compile 
[INFO] | | +- org.hibernate.common:hibernate-commons-annotations:jar:4.0.5.Final:compile 
[INFO] | | +- org.hibernate.javax.persistence:hibernate-jpa-2.1-api:jar:1.0.0.Final:compile 
[INFO] | | \- org.javassist:javassist:jar:3.18.1-GA:compile 
[INFO] | +- javax.transaction:javax.transaction-api:jar:1.2:compile 
[INFO] | +- org.springframework.data:spring-data-jpa:jar:1.9.4.RELEASE:compile 
[INFO] | | +- org.springframework.data:spring-data-commons:jar:1.11.4.RELEASE:compile 
[INFO] | | +- org.springframework:spring-orm:jar:4.2.5.RELEASE:compile 
[INFO] | | +- org.springframework:spring-context:jar:4.2.5.RELEASE:compile 
[INFO] | | +- org.springframework:spring-tx:jar:4.2.5.RELEASE:compile 
[INFO] | | \- org.springframework:spring-beans:jar:4.2.5.RELEASE:compile 
[INFO] | \- org.springframework:spring-aspects:jar:4.2.5.RELEASE:compile 
[INFO] \- com.h2database:h2:jar:1.4.191:compile 
[INFO] ------------------------------------------------------------------------ 
[INFO] BUILD SUCCESS 
[INFO] ------------------------------------------------------------------------ 
[INFO] Total time: 2.525 s 
[INFO] Finished at: 2016-04-22T15:42:32-06:00 
[INFO] Final Memory: 21M/609M 
[INFO] ------------------------------------------------------------------------

任何想法我做錯了嗎?

來源

2016-04-22 Jan Nielsen

回答

1

兩種配置都是正確的。只有在響應爲CORS請求時,纔會在響應中看到Access-Control*標題;試試這個用curl

curl -H "Origin: http://someotherorigin.com" -v http://localhost:8080/people

下面是輸出:

~> curl -H "Origin: http://someotherorigin.com" -v http://localhost:8080/people/1 
* Trying ::1... 
* Connected to localhost (::1) port 8080 (#0) 
> GET /people/1 HTTP/1.1 
> Host: localhost:8080 
> User-Agent: curl/7.42.1 
> Accept: */* 
> Origin: http://someotherorigin.com 
> 
< HTTP/1.1 404 Not Found 
< Server: Apache-Coyote/1.1 
< Access-Control-Allow-Origin: http://localhost:9001 
< Vary: Origin 
< Access-Control-Allow-Credentials: true 
< Content-Length: 0 
< Date: Sat, 23 Apr 2016 13:52:03 GMT 
< 
* Connection #0 to host localhost left intact

來源

2016-04-23 01:22:41

+0

謝謝@Biju Kunjummen!這正是'curl'觸發CORS請求所需要的。 –

+1

我在我的問題中測試了兩個應用程序配置,並且都使用您提供的正確的CORS'curl'請求。我稍微編輯了你的答案,清楚地表明我已經添加了實際輸出。 –

相關問題

 相關問題