解决shindig gadget 跨域不可访问
唐伟
1,将shindig部署在 http://localhost:8080 上。
2,将web测试应用部署在 http://localhost:8088 上。
测试页面(index.html)内容如下:
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
<script type="text/javascript" src="http://localhost:8080/gadgets/js/container:open-views:opensearch:rpc:xmlutil:pubsub-2.js?c=1&debug=1&container=default"></script>
<script>
var testConfig = testConfig || {};
testConfig[osapi.container.ServiceConfig.API_HOST] = "http://localhost:8080";
testConfig[osapi.container.ServiceConfig.API_PATH] = '/rpc';
testConfig[osapi.container.ContainerConfig.RENDER_DEBUG] = '1';
// Default the security token for the container. Using this example security token requires enabling
// the DefaultSecurityTokenCodec to let UrlParameterAuthenticationHandler create valid security token.
// 10 seconds is fast, but this is mostly for demonstration purposes.
testConfig[osapi.container.ContainerConfig.GET_CONTAINER_TOKEN] = function(callback) {
gadgets.log('Updating container security token.');
callback('john.doe:john.doe:appid:cont:url:0:default', 10);
};
function onloadHandler(){
var CommonContainer = new osapi.container.Container(testConfig);
CommonContainer.renderGadget = function(gadgetURL) {
//going to hardcode these values for width.
var el = document.getElementById('gadgetArea');
var params = {};
params[osapi.container.RenderParam.WIDTH] = '100%';
var gadgetSite = CommonContainer.newGadgetSite(el);
CommonContainer.navigateGadget(gadgetSite, gadgetURL, {}, params);
return gadgetSite;
};
var arr = new Array();
arr.push('http://localhost:8080/gadgets/compliance-1.0/helloWorld.xml');
arr.push('http://localhost:8080/containers/commoncontainer/sample-views.xml');
CommonContainer.renderGadget(arr[1]);
}
</script>
</head>
<body οnlοad="onloadHandler()">
Welcome !
<div id="gadgetArea"></div>
</body>
</html>
那么问题来了 :wink: :
Updating container security token.
contain...default (第 568 行)
"NetworkError: 400 Bad Request - http://localhost:8080/rpc?st=john.doe%3Ajohn.doe%3Aappid%3Acont%3Aurl%3A0%3Adefault"
rpc?st=...default
Failed to navigate for gadget http://localhost:8080/gadgets/compliance-1.0/helloWorld.xml.
contain...default (第 564 行)
Detailed error:
contain...default (第 568 行)
Failed to possibly schedule token refresh for gadget http://localhost:8080/gadgets/compliance-1.0/helloWorld.xml.
contain...default (第 564 行)
2
已阻止交叉源请求:同源策略不允许读取 http://localhost:8080/rpc?st=john.doe%3Ajohn.doe%3Aappid%3Acont%3Aurl%3A0%3Adefault 上的远程资源。可以将资源移动到相同的域名上或者启用 CORS 来解决这个问题。
77
Updating container security token.
解决方法:
1,下载cors-filter-*.jar,java-property-utils-*.jar这两个库文件,放到lib目录下。
2.在web.xml中添加如下配置。
<!-- CROS -->
<filter>
<filter-name>CorsFilter</filter-name>
<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
<init-param>
<param-name>cors.allowed.origins</param-name>
<param-value>*</param-value>
</init-param>
<init-param>
<param-name>cors.allowed.methods</param-name>
<param-value>GET,POST,HEAD,OPTIONS,PUT</param-value>
</init-param>
<init-param>
<param-name>cors.allowed.headers</param-name>
<param-value>Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers</param-value>
</init-param>
<init-param>
<param-name>cors.exposed.headers</param-name>
<param-value>Access-Control-Allow-Origin,Access-Control-Allow-Credentials</param-value>
</init-param>
<init-param>
<param-name>cors.support.credentials</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>cors.preflight.maxage</param-name>
<param-value>10</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CorsFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- CROS -->
2,将web测试应用部署在 http://localhost:8088 上。
测试页面(index.html)内容如下:
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
<script type="text/javascript" src="http://localhost:8080/gadgets/js/container:open-views:opensearch:rpc:xmlutil:pubsub-2.js?c=1&debug=1&container=default"></script>
<script>
var testConfig = testConfig || {};
testConfig[osapi.container.ServiceConfig.API_HOST] = "http://localhost:8080";
testConfig[osapi.container.ServiceConfig.API_PATH] = '/rpc';
testConfig[osapi.container.ContainerConfig.RENDER_DEBUG] = '1';
// Default the security token for the container. Using this example security token requires enabling
// the DefaultSecurityTokenCodec to let UrlParameterAuthenticationHandler create valid security token.
// 10 seconds is fast, but this is mostly for demonstration purposes.
testConfig[osapi.container.ContainerConfig.GET_CONTAINER_TOKEN] = function(callback) {
gadgets.log('Updating container security token.');
callback('john.doe:john.doe:appid:cont:url:0:default', 10);
};
function onloadHandler(){
var CommonContainer = new osapi.container.Container(testConfig);
CommonContainer.renderGadget = function(gadgetURL) {
//going to hardcode these values for width.
var el = document.getElementById('gadgetArea');
var params = {};
params[osapi.container.RenderParam.WIDTH] = '100%';
var gadgetSite = CommonContainer.newGadgetSite(el);
CommonContainer.navigateGadget(gadgetSite, gadgetURL, {}, params);
return gadgetSite;
};
var arr = new Array();
arr.push('http://localhost:8080/gadgets/compliance-1.0/helloWorld.xml');
arr.push('http://localhost:8080/containers/commoncontainer/sample-views.xml');
CommonContainer.renderGadget(arr[1]);
}
</script>
</head>
<body οnlοad="onloadHandler()">
Welcome !
<div id="gadgetArea"></div>
</body>
</html>
那么问题来了 :wink: :
Updating container security token.
contain...default (第 568 行)
"NetworkError: 400 Bad Request - http://localhost:8080/rpc?st=john.doe%3Ajohn.doe%3Aappid%3Acont%3Aurl%3A0%3Adefault"
rpc?st=...default
Failed to navigate for gadget http://localhost:8080/gadgets/compliance-1.0/helloWorld.xml.
contain...default (第 564 行)
Detailed error:
contain...default (第 568 行)
Failed to possibly schedule token refresh for gadget http://localhost:8080/gadgets/compliance-1.0/helloWorld.xml.
contain...default (第 564 行)
2
已阻止交叉源请求:同源策略不允许读取 http://localhost:8080/rpc?st=john.doe%3Ajohn.doe%3Aappid%3Acont%3Aurl%3A0%3Adefault 上的远程资源。可以将资源移动到相同的域名上或者启用 CORS 来解决这个问题。
77
Updating container security token.
解决方法:
1,下载cors-filter-*.jar,java-property-utils-*.jar这两个库文件,放到lib目录下。
2.在web.xml中添加如下配置。
<!-- CROS -->
<filter>
<filter-name>CorsFilter</filter-name>
<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
<init-param>
<param-name>cors.allowed.origins</param-name>
<param-value>*</param-value>
</init-param>
<init-param>
<param-name>cors.allowed.methods</param-name>
<param-value>GET,POST,HEAD,OPTIONS,PUT</param-value>
</init-param>
<init-param>
<param-name>cors.allowed.headers</param-name>
<param-value>Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers</param-value>
</init-param>
<init-param>
<param-name>cors.exposed.headers</param-name>
<param-value>Access-Control-Allow-Origin,Access-Control-Allow-Credentials</param-value>
</init-param>
<init-param>
<param-name>cors.support.credentials</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>cors.preflight.maxage</param-name>
<param-value>10</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CorsFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- CROS -->
类似资料: