CORS前后端分离下的跨域

1. 使用thymeleaf如果访问接口仍然带上ip:port的话,还是会跨域
 
2. 创建Filter类
 
import java.io.IOException;
 

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
 

import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.stereotype.Component;
 

@Component
public class CORSFilter implements Filter{
 
@Override
public void init(FilterConfig filterConfig) throws ServletException {
 
}
 

@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
 
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse res = (HttpServletResponse) response;
 
//允许跨域访问的域
res.setHeader("Access-Control-Allow-Origin", req.getHeader("Origin"));
//是否允许请求带有验证信息
res.setHeader("Access-Control-Allow-Credentials", "true");
//允许使用的请求方法
res.setHeader("Access-Control-Allow-Methods", "POST,GET,OPTIONS,DELETE,PUT");
res.setHeader("Access-Control-Max-Age", "3600");
//允许携带的请求头
res.setHeader("Access-Control-Allow-Headers", "x-requested-with,Cache-Control,Pragma,Content-Type,Authorization,token");//
 
if(req.getMethod().equals(HttpMethod.OPTIONS.toString())) {
 
res.setStatus(HttpStatus.OK.value());
return;
}
 
chain.doFilter(request, res);
}
 

 
 

@Override
public void destroy() {
 
}
}

 

3. 生成Filter的Bean

import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.Ordered;


@Configuration
public class FilterConfig {

    @Bean
    public FilterRegistrationBean<CORSFilter> registerCorsFilter() {
        
        FilterRegistrationBean<CORSFilter> filterRegistrationBean = new FilterRegistrationBean<CORSFilter>();
        filterRegistrationBean.setOrder(Ordered.HIGHEST_PRECEDENCE + 1);
        filterRegistrationBean.setFilter(new CORSFilter());
        filterRegistrationBean.setName("CORSFilter");
        //filterRegistrationBean.addUrlPatterns("/*");
        
        
        return filterRegistrationBean;
    }
}

或者

    @Override
    protected void configure(HttpSecurity http) throws Exception {
         
        
        //ChannelProcessingFilter.class这是第一个filter
        http.addFilterBefore(new CORSFilter(), ChannelProcessingFilter.class);
        
    }

 

 

 

posted @ 2020-09-17 17:43  jason47  阅读(105)  评论(0编辑  收藏  举报