【发布时间】:2017-09-08 11:53:09
【问题描述】:
我基于Blade CLI blade.rest 示例部署了一个OSGi 模块,并对其进行了修改以返回响应而不是纯文本。这是课程:
package com.autentia.api.rest.users;
import org.osgi.service.component.annotations.Component;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.ApplicationPath;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Application;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import java.util.Collections;
import java.util.Set;
@ApplicationPath("/users")
@Component(
immediate = true, property = {"jaxrs.application=true"},
service = Application.class
)
public class UsersRestService extends Application {
@Override
public Set<Object> getSingletons() {
return Collections.singleton(this);
}
@GET
@Path("/")
@Produces(MediaType.APPLICATION_JSON)
public Response getUsers(@Context HttpServletRequest request) {
System.out.println(request.getRemoteAddr());
String json = "{\n" + " \"value\": \"ok\"\n" + "}";
return Response
.status(200)
.header("Access-Control-Allow-Origin", "*")
.entity(json)
.build();
}
}
(如果我删除 .header("Access-Control-Allow-Origin", "*"),这将在本地工作。)
当我向服务器提出请求时出现问题,响应具有两个 Access-Control-Access-Origin 属性,一个设置为“*”(这是我想要的),一个设置为它所在的 ip发送。响应如下:
Access-Control-Allow-Credentials:true
Access-Control-Allow-Origin:http://localhost:3000
Access-Control-Allow-Origin:*
Content-Length:19
Content-Type:application/json
Date:Wed, 12 Apr 2017 15:23:38 GMT
Server:Apache-Coyote/1.1
Set-Cookie:JSESSIONID=CF771CD0FAECDAF226D153FB05875CC3; Path=/; HttpOnly
X-Content-Type-Options:nosniff
X-Frame-Options:SAMEORIGIN
X-Request-URL:http://localhost:8080/o/api/users
X-XSS-Protection:1
如您所见,有两个 Access-Control-Allow-Origin 不被接受。我应该从哪里开始寻找?我应该修改 Tomcat 的 web.xml 吗?我查看了portal.properties 和system.properties,但没有看到启用该标头的属性。
谢谢。
【问题讨论】:
标签: java rest cors liferay jax-rs