跨域解决
对于 CORS的跨域请求,主要有以下几种方式可供选择:
1.自定web filter 实现全局跨域
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 | import org.springframework.context.annotation.Configuration; import javax.servlet.*; import javax.servlet.annotation.WebFilter; import javax.servlet.http.HttpServletResponse; import java.io.IOException; @WebFilter (filterName = "CorsFilter " ) @Configuration public class GlobalCorsConfig implements Filter { @Override public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException { HttpServletResponse response = (HttpServletResponse) res; response.setHeader( "Access-Control-Allow-Origin" , "*" ); response.setHeader( "Access-Control-Allow-Credentials" , "true" ); response.setHeader( "Access-Control-Allow-Methods" , "POST, GET, PATCH, DELETE, PUT" ); response.setHeader( "Access-Control-Max-Age" , "3600" ); response.setHeader( "Access-Control-Allow-Headers" , "Origin, X-Requested-With, Content-Type, Accept" ); chain.doFilter(req, res); } } |
2.返回新的CorsFilter
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;
@Configuration
public class CrosConfig{
@Bean
public CorsFilter corsFilter() {
//1. 创建CorsConfiguration对象
CorsConfiguration corsConfiguration = new CorsConfiguration();
corsConfiguration.addAllowedOrigin("*");//设置允许那些域来访问,*是通配符,允许所有域
corsConfiguration.addAllowedHeader("*");//请求头字段
corsConfiguration.addAllowedMethod("*");//请求方式(GET,POST,DELETE,PUT)
//设置source
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", corsConfiguration);//1.映射路径 2.传入CorsConfiguration对象
return new CorsFilter(source);
}
}
3.重写 WebMvcConfigurer(待验证)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 | @Configuration public class GlobalCorsConfig implements WebMvcConfigurer { @Override public void addCorsMappings(CorsRegistry registry) { registry.addMapping( "/**" ) //是否发送Cookie .allowCredentials( true ) //放行哪些原始域 .allowedOrigins( "*" ) .allowedMethods( new String[]{ "GET" , "POST" , "PUT" , "DELETE" }) .allowedHeaders( "*" ) .exposedHeaders( "*" ); } } |
4.使用注解 @CrossOrigin 局部跨域
在控制器(类上)上使用注解 @CrossOrigin:,表示该类的所有方法允许跨域。
1 2 3 4 5 6 7 8 | import org.springframework.web.bind.annotation.CrossOrigin; @RestController @CrossOrigin (origins = "*" ) public class HelloController { @RequestMapping ( "/hello" ) public String hello() { return "hello world" ; } } |
在方法上使用注解 @CrossOrigin:
1 2 3 4 5 6 | import org.springframework.web.bind.annotation.CrossOrigin;<br> @RequestMapping ( "/hello" ) @CrossOrigin (origins = "*" ) //@CrossOrigin(value = "http://localhost:8081") //指定具体ip允许跨域 public String hello() { return "hello world" ; } |
5.手动设置响应头 (HttpServletResponse) 局部跨域
1 2 3 4 5 | @RequestMapping ( "/index" ) public String index(HttpServletResponse response) { response.addHeader( "Access-Allow-Control-Origin" , "*" ); return "index" ; } |
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 分享4款.NET开源、免费、实用的商城系统
· 全程不用写代码,我用AI程序员写了一个飞机大战
· MongoDB 8.0这个新功能碉堡了,比商业数据库还牛
· 白话解读 Dapr 1.15:你的「微服务管家」又秀新绝活了
· 上周热点回顾(2.24-3.2)