You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@struts.apache.org by Emi <em...@encs.concordia.ca> on 2017/03/17 15:57:34 UTC
ajax for https in struts
Hello,
Ajax methods work in http, but NOT https.
Seems due to cross-origin HTTP request.
May I know how to setup "Access-Control-Allow-Origin" in
struts/jsp/servlet please?
Have tried the following but did NOT work.
(1) mainlayout.jsp
response.addHeader("Access-Control-Allow-Origin", "*");
(2) web.xml
<filter>
<filter-name>cors</filter-name>
<filter-class>CORSFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>cors</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
public class CORSFilter extends OncePerRequestFilter
{
@Override
protected void doFilterInternal(
HttpServletRequest request,
HttpServletResponse response,
FilterChain filterChain
) throws ServletException, IOException
{
response.addHeader("Access-Control-Allow-Origin", "*");
filterChain.doFilter(request, response);
}
}
example ajax method:
function test(str, url)
{
var xmlhttp;
if (str.length==0)
{
document.getElementById("txt_hint").innerHTML="";
return;
}
xmlhttp=new XMLHttpRequest();
xmlhttp.onreadystatechange=function()
{
if (xmlhttp.readyState==4 && xmlhttp.status==200)
{
var tmp = xmlhttp.responseText;
document.getElementById("txt_hint").innerHTML = tmp;
}
}
xmlhttp.open("POST", url + "?str=" + str, true);
xmlhttp.send();
}
Thanks a lot!
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: ajax for https in struts
Posted by Christoph Nenning <Ch...@lex-com.net>.
> From: Emi <em...@encs.concordia.ca>
> To: Struts Users Mailing List <us...@struts.apache.org>,
> Date: 17.03.2017 16:57
> Subject: ajax for https in struts
>
> Hello,
>
> Ajax methods work in http, but NOT https.
>
> Seems due to cross-origin HTTP request.
Can you be more precise, please?
What is the original URL and which URL do you try to access with AJAX?
>
> May I know how to setup "Access-Control-Allow-Origin" in
> struts/jsp/servlet please?
>
>
> Have tried the following but did NOT work.
>
> (1) mainlayout.jsp
> response.addHeader("Access-Control-Allow-Origin", "*");
>
AFAIK browsers send a special OPTIONS request to determine
"Access-Control-Allow-Origin". I don't think that you can just add that
header in a jsp.
>
> (2) web.xml
> <filter>
> <filter-name>cors</filter-name>
> <filter-class>CORSFilter</filter-class>
> </filter>
>
> <filter-mapping>
> <filter-name>cors</filter-name>
> <url-pattern>/*</url-pattern>
> </filter-mapping>
>
> public class CORSFilter extends OncePerRequestFilter
> {
> @Override
> protected void doFilterInternal(
> HttpServletRequest request,
> HttpServletResponse response,
> FilterChain filterChain
> ) throws ServletException, IOException
> {
> response.addHeader("Access-Control-Allow-Origin", "*");
> filterChain.doFilter(request, response);
> }
> }
>
Tomcat provides a built in cors filter. Look at this flowchart of tomcat
docs:
https://tomcat.apache.org/tomcat-7.0-doc/images/cors-flowchart.png
As you can see it is quite complicated :)
Regards,
Christoph
>
>
>
> example ajax method:
>
> function test(str, url)
> {
> var xmlhttp;
> if (str.length==0)
> {
> document.getElementById("txt_hint").innerHTML="";
> return;
> }
> xmlhttp=new XMLHttpRequest();
>
> xmlhttp.onreadystatechange=function()
> {
> if (xmlhttp.readyState==4 && xmlhttp.status==200)
> {
> var tmp = xmlhttp.responseText;
> document.getElementById("txt_hint").innerHTML = tmp;
> }
> }
> xmlhttp.open("POST", url + "?str=" + str, true);
> xmlhttp.send();
> }
>
> Thanks a lot!
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
This Email was scanned by Sophos Anti Virus