跨域解決
阿新 • • 發佈:2022-03-08
對於 CORS的跨域請求,主要有以下幾種方式可供選擇:
1.自定web filter 實現全域性跨域
import org.springframework.context.annotation.Configuration; import javax.servlet.*; import javax.servlet.annotation.WebFilter; import javax.servlet.http.HttpServletResponse; import java.io.IOException; @WebFilter(filterName = "CorsFilter ") @Configuration public class GlobalCorsConfig implements Filter { @Override public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException { HttpServletResponse response = (HttpServletResponse) res; response.setHeader("Access-Control-Allow-Origin","*"); response.setHeader("Access-Control-Allow-Credentials", "true"); response.setHeader("Access-Control-Allow-Methods", "POST, GET, PATCH, DELETE, PUT"); response.setHeader("Access-Control-Max-Age", "3600"); response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept"); chain.doFilter(req, res); } }
2.返回新的CorsFilter(待驗證)
@Configuration public class GlobalCorsConfig { @Bean public CorsFilter corsFilter() { //1. 新增 CORS配置資訊 CorsConfiguration config = new CorsConfiguration(); //放行哪些原始域 config.addAllowedOrigin("*"); //是否傳送 Cookie config.setAllowCredentials(true); //放行哪些請求方式 config.addAllowedMethod("*"); //放行哪些原始請求頭部資訊 config.addAllowedHeader("*"); //暴露哪些頭部資訊 config.addExposedHeader("*"); //2. 新增對映路徑 UrlBasedCorsConfigurationSource corsConfigurationSource = new UrlBasedCorsConfigurationSource(); corsConfigurationSource.registerCorsConfiguration("/**",config); //3. 返回新的CorsFilter return new CorsFilter(corsConfigurationSource); } }
3.重寫 WebMvcConfigurer(待驗證)
@Configuration public class GlobalCorsConfig implements WebMvcConfigurer { @Override public void addCorsMappings(CorsRegistry registry) { registry.addMapping("/**") //是否傳送Cookie .allowCredentials(true) //放行哪些原始域 .allowedOrigins("*") .allowedMethods(new String[]{"GET", "POST", "PUT", "DELETE"}) .allowedHeaders("*") .exposedHeaders("*"); } }
4.使用註解 @CrossOrigin 區域性跨域
在控制器(類上)上使用註解 @CrossOrigin:,表示該類的所有方法允許跨域。
import org.springframework.web.bind.annotation.CrossOrigin;
@RestController @CrossOrigin(origins = "*") public class HelloController { @RequestMapping("/hello") public String hello() { return "hello world"; } }
在方法上使用註解 @CrossOrigin:
import org.springframework.web.bind.annotation.CrossOrigin;
@RequestMapping("/hello") @CrossOrigin(origins = "*") //@CrossOrigin(value = "http://localhost:8081") //指定具體ip允許跨域 public String hello() { return "hello world"; }
5.手動設定響應頭 (HttpServletResponse) 區域性跨域
@RequestMapping("/index") public String index(HttpServletResponse response) { response.addHeader("Access-Allow-Control-Origin","*"); return "index"; }