SpringBoot---前端跨域

落日映苍穹つ 2024-02-19 13:44 35阅读 0赞

1.解决方案一：在Controller上添加@CrossOrigin注解

// 注解方式  
    @CrossOrigin 
    @RestController  
    public class LoginController {  
          
         //方法上加入注解
        @CrossOrigin(allowCredentials="true", allowedHeaders="*", methods={RequestMethod.GET,  
                RequestMethod.POST, RequestMethod.DELETE, RequestMethod.OPTIONS,  
                RequestMethod.HEAD, RequestMethod.PUT, RequestMethod.PATCH}, origins="*")  
        @PostMapping("/confirm")  
        public Response handler(@RequestBody Request json){  
              
            return null;  
        }  
    }

解决方案二：全局配置

项目全局配置

@Configuration  
     public class MyWebConfiguration {  
      
            @Bean  
            public WebMvcConfigurer corsConfigurer() {  
                return new WebMvcConfigurerAdapter() {  
                    @Override  
                    public void addCorsMappings(CorsRegistry registry) {  
                        registry.addMapping("/**")  
                        .allowCredentials(true)  
                        .allowedMethods("*");  
                    }  
                };  
            }  
        }

解决方案三：通过拦截器/过滤器实现跨域

在spring boot的主类中，增加一个CorsFilter

@Bean  
    public CorsFilter corsFilter() {  
            final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();  
            final CorsConfiguration config = new CorsConfiguration();  
            config.setAllowCredentials(true); // 允许cookies跨域  
            config.addAllowedOrigin("*");// #允许向该服务器提交请求的URI，*表示全部允许，在SpringMVC中，如果设成*，会自动转成当前请求头中的Origin  
            config.addAllowedHeader("*");// #允许访问的头信息,*表示全部  
            config.setMaxAge(18000L);// 预检请求的缓存时间（秒），即在这个时间段里，对于相同的跨域请求不会再预检了  
            config.addAllowedMethod("OPTIONS");// 允许提交请求的方法，*表示全部允许  
            config.addAllowedMethod("HEAD");  
            config.addAllowedMethod("GET");// 允许Get的请求方法  
            config.addAllowedMethod("PUT");  
            config.addAllowedMethod("POST");  
            config.addAllowedMethod("DELETE");  
            config.addAllowedMethod("PATCH");  
            source.registerCorsConfiguration("/**", config);  
            return new CorsFilter(source);  
        }

或者实现自定义的CorsFilter

@Component
    public class CrosFilter implements Filter {
     
        /**
         * 跨域配置
         *
         * @param req http请求
         * @param res http响应
         * @param chain 责任链
         * @throws IOException IO异常
         * @throws ServletException Servlet异常
         */
        public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
            HttpServletResponse response = (HttpServletResponse) res;
            response.setHeader("Access-Control-Allow-Origin", "*");
            response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
            response.setHeader("Access-Control-Max-Age", "3600");
            response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, token, language");
            chain.doFilter(req, res);
        }
     
        /**
         * 初始化配置
         *
         * @param filterConfig 初始化配置参数
         */
        public void init(FilterConfig filterConfig) {
        }
     
        /**
         * 配置销毁
         */
        public void destroy() {
        }
    }