主页 / 问题 / 1480460
Accepted
ulxanxv
Asked:2022-12-23 17:52:23 +0000 UTC2022-12-23 17:52:23 +0000 UTC

成功生成响应后如何更改响应标头?

  • 772

大家好!许多人都熟悉 class javax.servlet.Filter,它允许您在请求生命周期中嵌入自己的逻辑,我对此有疑问:

public class CorsFilter implements Filter {

    private static final String ACCESS_CONTROL_ALLOW_ORIGIN = "Access-Control-Allow-Origin";
    private static final String ACCESS_CONTROL_ALLOW_HEADERS = "Access-Control-Allow-Headers";
    private static final String ACCESS_CONTROL_ALLOW_METHODS = "Access-Control-Allow-Methods";
    private static final String ALLOW = "Allow";

    @Override
    public void init(FilterConfig filterConfig) {
        // NO LOGIC
    }

    @Override
    public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException {
        chain.doFilter(req, resp);

        final HttpServletResponse response = (HttpServletResponse) resp;
        
        final Collection<String> headers = response.getHeaderNames();
        if (notContainHeaderWithIgnoreCase(headers, ACCESS_CONTROL_ALLOW_ORIGIN)) {
            response.addHeader(ACCESS_CONTROL_ALLOW_ORIGIN, "*");
        }
        if (notContainHeaderWithIgnoreCase(headers, ACCESS_CONTROL_ALLOW_HEADERS)) {
            response.addHeader(ACCESS_CONTROL_ALLOW_HEADERS, "*");
        }
        if (notContainHeaderWithIgnoreCase(headers, ACCESS_CONTROL_ALLOW_METHODS)) {
            response.addHeader(ACCESS_CONTROL_ALLOW_METHODS, "GET, POST, PUT, DELETE, OPTIONS");
        }
        if (notContainHeaderWithIgnoreCase(headers, ALLOW)) {
            response.addHeader(ALLOW, "GET, POST, PUT, DELETE, OPTIONS");
        }
    }

    private boolean notContainHeaderWithIgnoreCase(Collection<String> headers, String name) {
        return headers.stream().noneMatch(header -> header.equalsIgnoreCase(name));
    }

    @Override
    public void destroy() {
        // NO LOGIC
    }
}

在这个过滤器中,在形成响应后,我尝试查看其中是否有CORS标题,如果没有,则将它们放下。我不能在生成响应之前执行此操作,因为该服务有时会代理请求并且第三方服务也会CORS放下,从而复制它。

此实现不起作用,因为生成响应后,它被标记为commited并且无法更改。怎样成为?

java

1 个回答

  1. Best Answer

    我想通了问题,结果是这样的(也许有人会需要它):

    public class CorsFilter implements Filter {

    private static final String ACCESS_CONTROL_ALLOW_ORIGIN = "Access-Control-Allow-Origin";
    private static final String ACCESS_CONTROL_ALLOW_HEADERS = "Access-Control-Allow-Headers";
    private static final String ACCESS_CONTROL_ALLOW_METHODS = "Access-Control-Allow-Methods";
    private static final String ALLOW = "Allow";

    @Override
    public void doFilter(ServletRequest req, ServletResponse resp, FilterChain filterChain) throws IOException, ServletException {
        final ResponseWrapper wrapper = new ResponseWrapper(
                (HttpServletResponse) resp);

        filterChain.doFilter(req, wrapper);

        setCorsHeaders((HttpServletResponse) resp);
        copyResponseToOriginalResponse(wrapper, resp);
    }

    private void setCorsHeaders(HttpServletResponse response) {
        final HeaderNames headerNames = new HeaderNames(response.getHeaderNames());
        if (headerNames.notContainsIgnoreCase(ACCESS_CONTROL_ALLOW_ORIGIN)) {
            response.addHeader(ACCESS_CONTROL_ALLOW_ORIGIN, "*");
        }
        if (headerNames.notContainsIgnoreCase(ACCESS_CONTROL_ALLOW_HEADERS)) {
            response.addHeader(ACCESS_CONTROL_ALLOW_HEADERS, "*");
        }
        if (headerNames.notContainsIgnoreCase(ACCESS_CONTROL_ALLOW_METHODS)) {
            response.addHeader(ACCESS_CONTROL_ALLOW_METHODS, "GET, POST, PUT, DELETE, OPTIONS");
        }
        if (headerNames.notContainsIgnoreCase(ALLOW)) {
            response.addHeader(ALLOW, "GET, POST, PUT, DELETE, OPTIONS");
        }
    }

    private void copyResponseToOriginalResponse(ResponseWrapper wrapper, ServletResponse response) throws IOException {
        final ServletOutputStream outputStream = response.getOutputStream();
        outputStream.write(wrapper.getCaptureAsBytes());
    }

    private static final class ResponseWrapper extends HttpServletResponseWrapper {

        private final ByteArrayOutputStream capture;
        private ServletOutputStream output;
        private PrintWriter writer;

        public ResponseWrapper(HttpServletResponse response) {
            super(response);
            capture = new ByteArrayOutputStream(response.getBufferSize());
        }

        @Override
        public ServletOutputStream getOutputStream() {
            if (writer != null) {
                throw new IllegalStateException("getWriter() has already been called on this response.");
            }

            if (output == null) {
                output = new ServletOutputStream() {
                    @Override
                    public void write(int b) throws IOException {
                        capture.write(b);
                    }

                    @Override
                    public void flush() throws IOException {
                        capture.flush();
                    }

                    @Override
                    public void close() throws IOException {
                        capture.close();
                    }

                    @Override
                    public boolean isReady() {
                        return false;
                    }

                    @Override
                    public void setWriteListener(WriteListener arg0) {
                    }
                };
            }

            return output;
        }

        @Override
        public PrintWriter getWriter() throws IOException {
            if (output != null) {
                throw new IllegalStateException("getOutputStream() has already been called on this response.");
            }

            if (writer == null) {
                writer = new PrintWriter(new OutputStreamWriter(capture, getCharacterEncoding()));
            }

            return writer;
        }

        @Override
        public void flushBuffer() throws IOException {
            super.flushBuffer();

            if (writer != null) {
                writer.flush();
            } else if (output != null) {
                output.flush();
            }
        }

        public byte[] getCaptureAsBytes() throws IOException {
            if (writer != null) {
                writer.close();
            } else if (output != null) {
                output.close();
            }

            return capture.toByteArray();
        }
    }

    @Override
    public void init(FilterConfig filterConfig) {
        /* NO LOGIC */
    }

    @Override
    public void destroy() {
        /* NO LOGIC */
    }
}
    • 0

相关问题