All geek questions in one place

Tomcat "Access-Control-Allow-Origin" and JavaScript

I have a huge problem with CORS on my server. My server runs on Tomcat on localhost. On the server I have implemented several RestFul resources. For instance:

@Path("user")
public class UserService {
@GET
@Path("/{username}/{password}")
@Produces("text/plain")
public String checkLoginParameter(@PathParam("username") String username, @PathParam("password") String password) {
        String tempUserName = "";
        String tempPassword = "";
        String bool = "";

        EntityManager em = createEntityManager();
        try{
            User user = (User)em.createQuery("SELECT u FROM User u WHERE u.username='"+username+"' AND u.password='"+password+"'").getSingleResult();
            tempUserName = user.getUsername();
            tempPassword = user.getPassword();
        }
        catch(Exception e){}

        if(username.equals(tempUserName) && !username.isEmpty() && password.equals(tempPassword) && !password.isEmpty()){
            bool = "true";
        }
        else{
            bool = "false";
        }
        return bool;
   }      
}

Powered by Ressource. Now I want to access Ressource via JavaScript from another site. When I try to do this, I get an error message:

XMLHttpRequest cannot load http://localhost:8080/RSAppStore/user/poc/poc. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access.

I know that I am adding permission for CORS to my server. I do it like this:

web.xml:

<filter>
<filter-name>CORS</filter-name>
<filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class>
<init-param>
 <param-name>cors.allowOrigin</param-name>
    <param-value>*</param-value>
</init-param>
<init-param>
 <param-name>cors.supportedMethods</param-name>
    <param-value>GET, POST, HEAD, PUT, DELETE</param-value>
</init-param>
<init-param>
<param-name>cors.supportedHeaders</param-name>
<param-value>*</param-value>
</init-param>
<init-param>
    <param-name>cors.exposedHeaders</param-name>
    <param-value>Set-Cookie</param-value>
</init-param>
<init-param>
    <param-name>cors.supportsCredentials</param-name>
    <param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CORS</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>

JavaScript access:

<script type="text/javascript">
$(function(){
  $.ajax({
    type: "GET",
    crossDomain: true,
    url: "http://robosmart-appstore:robosmart@localhost:8080/RSAppStore/user/poc/poc",

    contentType: "text/plain",
    success: function( string ) {

      console.log(string);  


    },
    error:function () {
      console.log("err");
    }
  });
});
</script>

In addition, I added these 2 jars.

cors-filter-1.9.2.jar
java-property-utils-1.9.jar

I read so many examples and explanations on the Internet, but nothing works, and I don’t know what I am doing wrong.

+4
source share
1 answer

CORS tomcat angular.js.

- :

  • cors.supportedHeaders :

    <init-param>
    <param-name>cors.supportedHeaders</param-name>
    <param-value>Accept, Origin, X-Requested-With, Content-Type, Last-Modified</param-value>
</init-param>

  • , .

  • contentType :

    contentType: "application/x-www-form-urlencoded; charset=utf-8"

.

+3

Source: https://habr.com/ru/post/1538413/

More articles:


All Articles