首页 > 代码库 > spring cloud 解决前端跨域

spring cloud 解决前端跨域

利用拦截器

public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {

        String origin = request.getHeader("Origin");
        logger.info("进入AllowOriginIntercepter 拦截 origin={}",origin);
        String headers = request.getHeader("Access-Control-Request-Headers");
        if (!StringUtils.isEmpty(headers)) {
            headers = ", " + headers;
        } else {
            headers = "";
        }
        if (!StringUtils.isEmpty(origin)) {
            if (originIsAllow(origin, allowValue)) {
                response.setHeader("Access-Control-Allow-Origin", origin);
                response.setHeader("Access-Control-Allow-Methods", "GET, POST, HEAD, OPTIONS, PUT, DELETE, TRACE, PATCH");
                response.setHeader("Access-Control-Allow-Headers", "Origin, X-Token, Authentication, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Cache-control "+headers);
                response.setHeader("Access-Control-Allow-Credentials", "true");
            }
        }
        return true;
    }

 

   

利用Filter

/** 
     *  
     * attention:简单跨域就是GET,HEAD和POST请求,但是POST请求的"Content-Type"只能是application/x-www-form-urlencoded, multipart/form-data 或 text/plain 
     * 反之,就是非简单跨域,此跨域有一个预检机制,说直白点,就是会发两次请求,一次OPTIONS请求,一次真正的请求 
     */  
    @Bean  
    public CorsFilter corsFilter() {  
        final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();  
        final CorsConfiguration config = new CorsConfiguration();  
        config.setAllowCredentials(true); // 允许cookies跨域  
        config.addAllowedOrigin("*");// #允许向该服务器提交请求的URI,*表示全部允许,在SpringMVC中,如果设成*,会自动转成当前请求头中的Origin  
        config.addAllowedHeader("*");// #允许访问的头信息,*表示全部  
        config.setMaxAge(18000L);// 预检请求的缓存时间(秒),即在这个时间段里,对于相同的跨域请求不会再预检了  
        config.addAllowedMethod("OPTIONS");// 允许提交请求的方法,*表示全部允许  
        config.addAllowedMethod("HEAD");  
        config.addAllowedMethod("GET");// 允许Get的请求方法  
        config.addAllowedMethod("PUT");  
        config.addAllowedMethod("POST");  
        config.addAllowedMethod("DELETE");  
        config.addAllowedMethod("PATCH");  
        source.registerCorsConfiguration("/**", config);  
        return new CorsFilter(source);  
    }  

 

spring cloud 解决前端跨域