java session丢失_跨域造成session丢失
所以到現在都沒有解決方案么。。
update
我解決了。后端是Java springboot,前端是angular,跨域json通信。
cors方式,配置一個corsfilter,代碼如下:
package xxxxxx.component;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
/**
* Created by skyADMIN on 16/7/4.
*/
@Component
public class CORSFilter implements Filter {
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res;
response.setHeader("Access-Control-Allow-Origin", request.getHeader("Origin"));
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "x-requested-with");
response.setHeader("Access-Control-Allow-Credentials","true"); //是否支持cookie跨域
chain.doFilter(req, res);
}
public void init(FilterConfig filterConfig) {}
public void destroy() {}
}
這個配置在不少地方應該都能找到,不同的主要是兩點:
1。response.setHeader("Access-Control-Allow-Credentials","true"); //是否支持cookie跨域
2。response.setHeader("Access-Control-Allow-Origin", request.getHeader("Origin"));
首先,配置了allow-credentials之后,如果allow-origin設為*,跨域時會報錯說因為允許credentials,origin不能設為通配*,那所以設為簡單的某個domain也是可以的,這種寫法應該就是達到了任意domain都可以的效果吧。
然后angular部分也要設定個東西,舉個栗子~
angular.module('frontendApp')
.controller('MainCtrl', function ($scope, $http, $location) {
var action = 'islogin';
$http.get(apiUrl + action, {withCredentials: true}).then(function (response) {
console.log(response);
if (response.data === 0) {
$location.url('login');
}
})
});
恩就是這個$http.get(url, {withCredentials: true})。
ok就醬。
總結
以上是生活随笔為你收集整理的java session丢失_跨域造成session丢失的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: java key值_java-必须为此操
- 下一篇: java 压缩技术_Java压缩技术(三