This is the 8th day of my participation in the August Text Challenge.More challenges in August
Question:
The sending protocol requests a file stream and needs to get the value of the Content-Disposition field in the response header in the packet back, separating the filename from it. But by looking at the console, the header does have this property:
In the console can see clearly in the Network, but in response to the interceptor with js headers “content – disposition” to obtain, but there is no content in print the header object – disposition not available, what reason is this?
The reason:
According to the MDN documentation: access-Control-expose-headers
By default, the header has only 7 types of Simple Response headers that can be exposed externally:
| The name of the | |
|---|---|
| Cache-Control | Generic header fields are used to implement caching mechanisms by specifying directives in HTTP requests and responses |
| Content-Language | Indicate the language or combination of languages that the visitor wishes to use so that the user can customize the content based on their preferred language |
| Content-Length | Specifies the size of the body of the message to be sent to the receiver, that is, the number of octuples expressed in decimal numbers |
| Content-Type | Tells the client the content type of the actual returned content |
| Expires | The response header contains the date/time after which the response expires |
| Last-Modified | Contains the date and time that the resource identified by the source server was modified |
| Pragma | A generic header specified in HTTP/1.0 for backward compatibility with HTTP/1.0 only cache servers |
By “exposed”, I mean accessible to the client, either from the Network or from the code.
Content-disposition, as mentioned in the above question, is not one of them, so even if the server adds this field to the protocol packet, it is “visible, but not eaten” by the client because it is not “exposed” to the outside world.
The access-Control-expose-headers is the switch that controls exposure, listing which Headers can be exposed as part of the response. So if you want the client to have Access to other Headers, the server not only adds the Headers to the header, but also lists them in access-Control-expose-headers.
Solution:
Server:
response.setHeader("Access-Control-Expose-Headers"."Content-Disposition")
response.setHeader("Content-Disposition",...).Copy the codeAfter successful setting, service desk Network can see:
The client can then retrieve the content-Disposition field of the response header.
A jersey backend example is attached
package com.howtodoinjava.jersey;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Paths;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.StreamingOutput;
@Path("/download")
public class JerseyService
{
@GET
@Path("/pdf")
public Response downloadPdfFile(a)
{
StreamingOutput fileStream = new StreamingOutput()
{
@Override
public void write(java.io.OutputStream output) throws IOException, WebApplicationException
{
try
{
java.nio.file.Path path = Paths.get("C:/temp/test.pdf");
byte[] data = Files.readAllBytes(path);
output.write(data);
output.flush();
}
catch (Exception e)
{
throw new WebApplicationException("File Not Found !!"); }}};return Response
.ok(fileStream, MediaType.APPLICATION_OCTET_STREAM)
.header("content-disposition"."attachment; filename = myfile.pdf")
.header("Access-Control-Expose-Headers"."Content-Disposition") .build(); }}Copy the code