HiDocs
Search K

Appearance

问题背景:

已经编写了如下代码:

java
@Configuration
public class WebConfig implements WebMvcConfigurer {


    @Override
    public void addCorsMappings(CorsRegistry registry) {

        //跨域配置:不可设置为*,不安全, 前后端分离项目,可能域名不一致(前端是8080,后端是8888)
        //注意我们用了nginx之后就不需要写端口号了:配置跨域,如果有多个域名就写多个
        registry.addMapping("/**")
                .allowedOrigins("localhost:8080"). //允许跨域的域名,可以用*表示允许任何域名使用
                allowedMethods("*"). //允许任何方法(post、get等)
                allowedHeaders("*"). //允许任何请求头
                allowCredentials(true). //带上cookie信息
                exposedHeaders(HttpHeaders.SET_COOKIE).maxAge(3600L); //maxAge(3600)表明在3600秒内,不需要再发送预检验请求,可以缓存该结果

//                addMapping("/**").allowedOrigins("localhost:8080");
    }
}

但是发现还是报错跨域问题!!!

  1. 编写过滤器类:
java
package gentle;

import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * 改写所有请求头
 * @author silence
 * @date 2018/12/11 15:19
 */

@WebFilter(filterName = "requestFilter",urlPatterns = {"/*"})
public class RequestFilter implements Filter {

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {

    }

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        HttpServletRequest request = (HttpServletRequest)servletRequest;

        String origin = request.getHeader("Origin");
        response.setHeader("Access-Control-Allow-Origin", "*");
        response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE");
        response.setHeader("Access-Control-Max-Age", "3600");
        //第一种:response.setHeader("Access-Control-Allow-Headers", "x-requested-with,Authorization");
        //第二种:更加通用
        response.setHeader("Access-Control-Allow-Headers", "content-type, xfilecategory, xfilename, xfilesize, Authorization");

        response.setHeader("Access-Control-Allow-Credentials", "true");
        String method = request.getMethod();
        if(method.equalsIgnoreCase("OPTIONS")){
            servletResponse.getOutputStream().write("Success".getBytes("utf-8"));
        }else{
            filterChain.doFilter(servletRequest, servletResponse);
        }
    }

    @Override
    public void destroy() {

    }

}

2.  在过滤器类上加注解:

java
import javax.servlet.annotation.WebFilter;

@WebFilter(filterName = "requestFilter",urlPatterns = {"/*"})

3.  在项目启动类上加注解:

java
import org.springframework.boot.web.servlet.ServletComponentScan;

@ServletComponentScan

4.  启动工程就行了。