在RestAngular请求中发送一个Cookie

Send a Cookie in a RestAngular request

本文关键字：一个 Cookie RestAngular 请求更新时间：2023-09-26

我得到了一个矩形。getAll函数,

当我调用它时，cookie不包括在API请求中，不像获得的HTML请求。

如果我强制a:

Restangular.setDefaultHeaders({ Cookie: function() { return "foo " + $cookies.get('foo'); } })

错误是:

Refused to set unsafe header "Cookie"

如果我添加到app.config:

RestangularProvider.setDefaultHttpFields({
    withCredentials: true
});

错误是:

XMLHttpRequest cannot load [*link*] A wildcard '*' cannot be used in the 'Access-Control-Allow-Origin' header when the credentials flag is true.
 Origin [*host*] is therefore not allowed access. 
The credentials mode of an XMLHttpRequest is controlled by the withCredentials attribute.

请注意host和link是page link和host link的缩写。

编辑:

我的CORSFilter在春天:

@Component
@Order(Ordered.HIGHEST_PRECEDENCE)
public class CORSFilter implements Filter {
    public CORSFilter() {
    }
    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
        HttpServletResponse response = (HttpServletResponse) res;
        HttpServletRequest request = (HttpServletRequest) req;
        response.setHeader("Access-Control-Allow-Origin", "*");
        response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
        response.setHeader("Access-Control-Max-Age", "3600");
        response.setHeader("Access-Control-Allow-Headers", "x-requested-with, authorization, content-type");
        if ("OPTIONS".equalsIgnoreCase(request.getMethod())) {
            response.setStatus(HttpServletResponse.SC_OK);
        } else {
            chain.doFilter(req, res);
        }
    }
    @Override
    public void init(FilterConfig filterConfig) {
    }
    @Override
    public void destroy() {
    }
}

你的服务器必须为Access-Control-Allow-Origin返回一个特定的内容:你可以在那里提供你的web应用主机URL，或者动态复制原始信息(用于开发目的)。

注意:这是一个服务器端修复