人工智慧 人臉識別 springcloud zuul的跨域問題
阿新 • • 發佈:2018-12-21
曾經開發人臉識別的token的批量服務的時候遇到了跨域問題,當時也不之所以然,畢竟前後端分離的架構,遇到資源來自不同的域是在所難免的,但是前端提出了這個問題之後,查找了之前的解決方案使用了
WebMvcConfigurerAdapter來解決的,具體的使用如下,只需要在controller層新增上就可以,這裡代表的意思是CorsRegistry 支援任意的路徑任意方法的跨域訪問
import org.springframework.context.annotation.Configuration; import org.springframework.web.servlet.config.annotation.CorsRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter; @Configuration public class CustomCorsConfigurationService extends WebMvcConfigurerAdapter { @Override public void addCorsMappings(CorsRegistry registry) { registry.addMapping("/**").allowedOrigins("*").allowedMethods("*").allowCredentials(true); } }
然後查看了WebMvcConfigurerAdapter的原始碼瞭解關於跨域的這個方法addCorsMappings(CorsRegistry registry)的實現,就一個空方法
/**
* {@inheritDoc}
* <p>This implementation is empty.
*/
@Override
public void addCorsMappings(CorsRegistry registry) {
}
然後查找了CrosRegistry的定義程式碼
/* * Copyright 2002-2017 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package org.springframework.web.servlet.config.annotation; import java.util.ArrayList; import java.util.LinkedHashMap; import java.util.List; import java.util.Map; import org.springframework.web.cors.CorsConfiguration; /** * {@code CorsRegistry} assists with the registration of {@link CorsConfiguration} * mapped to a path pattern. * * @author Sebastien Deleuze * @since 4.2 * @see CorsRegistration */ public class CorsRegistry { private final List<CorsRegistration> registrations = new ArrayList<CorsRegistration>(); /** * Enable cross-origin request handling for the specified path pattern. * <p>Exact path mapping URIs (such as {@code "/admin"}) are supported as * well as Ant-style path patterns (such as {@code "/admin/**"}). * <p>By default, all origins, all headers, credentials and {@code GET}, * {@code HEAD}, and {@code POST} methods are allowed, and the max age * is set to 30 minutes. * @param pathPattern the path pattern to enable CORS handling for * @return CorsRegistration the corresponding registration object, * allowing for further fine-tuning */ public CorsRegistration addMapping(String pathPattern) { CorsRegistration registration = new CorsRegistration(pathPattern); this.registrations.add(registration); return registration; } /** * Return the registered {@link CorsConfiguration} objects, * keyed by path pattern. */ protected Map<String, CorsConfiguration> getCorsConfigurations() { Map<String, CorsConfiguration> configs = new LinkedHashMap<String, CorsConfiguration>(this.registrations.size()); for (CorsRegistration registration : this.registrations) { configs.put(registration.getPathPattern(), registration.getCorsConfiguration()); } return configs; } }
從CorsRegistry看到核心邏輯來自CorsRegistration的定義,注意註釋的程式碼
// Same implicit default values as the @CrossOrigin annotation + allows simple methods
如果不寫這個自定義的CrosRegistry也可以通過註解@CrossOrigin來實現
/** * Create a new {@link CorsRegistration} that allows all origins, headers, and * credentials for {@code GET}, {@code HEAD}, and {@code POST} requests with * max age set to 1800 seconds (30 minutes) for the specified path. * @param pathPattern the path that the CORS configuration should apply to; * exact path mapping URIs (such as {@code "/admin"}) are supported as well * as Ant-style path patterns (such as {@code "/admin/**"}). */ public CorsRegistration(String pathPattern) { this.pathPattern = pathPattern; // Same implicit default values as the @CrossOrigin annotation + allows simple methods this.config = new CorsConfiguration().applyPermitDefaultValues(); }