1、第一种:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 |
public class corsfilter extends onceperrequestfilter {
static final string origin = "origin" ;
protected void dofilterinternal( httpservletrequest request, httpservletresponse response, filterchain filterchain) throws servletexception, ioexception {
string origin = request.getheader(origin);
response.setheader( "access-control-allow-origin" , "*" ); //* or origin as u prefer response.setheader( "access-control-allow-credentials" , "true" ); response.setheader( "access-control-allow-methods" , "put, post, get, options, delete" ); response.setheader( "access-control-max-age" , "3600" ); response.setheader( "access-control-allow-headers" , "content-type, authorization" );
if (request.getmethod().equals( "options" )) response.setstatus(httpservletresponse.sc_ok); else filterchain.dofilter(request, response);
} } @bean public corsfilter corsfilter() throws exception { return new corsfilter(); }
http .addfilterbefore(corsfilter(), usernamepasswordauthenticationfilter. class ) .addfilterbefore(authenticationtokenfilterbean(), usernamepasswordauthenticationfilter. class ) .headers() .cachecontrol(); |
2、第二种:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 |
@configuration public class corsconfig { @bean public filterregistrationbean corsfilter() { urlbasedcorsconfigurationsource source = new urlbasedcorsconfigurationsource(); corsconfiguration config = new corsconfiguration(); config.setallowcredentials( true ); // 设置你要允许的网站域名,如果全允许则设为 * config.addallowedorigin( "http://localhost:4200" ); // 如果要限制 header 或 method 请自行更改 config.addallowedheader( "*" ); config.addallowedmethod( "*" ); source.registercorsconfiguration( "/**" , config); filterregistrationbean bean = new filterregistrationbean( new corsfilter(source)); // 这个顺序很重要哦,为避免麻烦请设置在最前 bean.setorder( 0 ); return bean; } } |
以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持。
原文链接:https://segmentfault测试数据/a/1190000012364985
查看更多关于详解springboot设置cors跨域请求的两种方式的详细内容...