play framework cors跨域

接着上一篇的play framework 文件上传
、作为一个web项目、cors是一个基本功能、用于防跨站请求攻击的。

使用教程

添加依赖

libraryDependencies += filters

application.conf 配置

play.http {
  filters = filters.CorsFilter
}
cors {
    # Filter paths by a whitelist of path prefixes
    pathPrefixes = ["/"]

    # The allowed origins. If null, all origins are allowed.
    allowedOrigins = null

//    allowedHttpHeaders = ["Accept"]

//    preflightMaxAge = 3 days

    # The allowed HTTP methods. If null, all methods are allowed
    allowedHttpMethods = ["GET", "POST", "OPTIONS"]
  }

创建CorsFilter类

package filters

import javax.inject._
import play.api.http.DefaultHttpFilters
import play.filters.cors.CORSFilter

@Singleton
class CorsFilter @Inject()(corsFilter: CORSFilter) extends DefaultHttpFilters(corsFilter)

默认禁止跨域、如果允许则在routes url上添加 + nocsrf

+ nocsrf
POST     /file/upload                 controllers.FileController.upload

最后

play framework真的很好用、添加代码动态编译加载。