1.使用拦截器,实现javax.servlet.Filter接口
import
javax.servlet.Filter;
import
javax.servlet.FilterChain;
import
javax.servlet.FilterConfig;
import
javax.servlet.ServletException;
import
javax.servlet.ServletRequest;
import
javax.servlet.ServletResponse;
import
javax.servlet.annotation.WebFilter;
import
javax.servlet.http.HttpServletResponse;
@WebFilter
(filterName=
"CorsFilter"
, urlPatterns=
"*.do"
)
public
class
CorsFilter
implements
Filter{
@Override
public
void
destroy() {
}
@Override
public
void
doFilter(ServletRequest req, ServletResponse resp, FilterChain chain)
throws
IOException, ServletException {
HttpServletResponse response = (HttpServletResponse) resp;
response.setHeader(
"Access-Control-Allow-Origin"
,
"*"
);
//解决跨域访问报错
response.setHeader(
"Access-Control-Allow-Methods"
,
"POST, PUT, GET, OPTIONS, DELETE"
);
response.setHeader(
"Access-Control-Max-Age"
,
"3600"
);
//设置过期时间
response.setHeader(
"Access-Control-Allow-Headers"
,
"Origin, X-Requested-With, Content-Type, Accept, client_id, uuid, Authorization"
);
response.setHeader(
"Cache-Control"
,
"no-cache, no-store, must-revalidate"
);
// 支持HTTP 1.1.
response.setHeader(
"Pragma"
,
"no-cache"
);
// 支持HTTP 1.0. response.setHeader("Expires", "0");
chain.doFilter(req, resp);
}
@Override
public
void
init(FilterConfig arg0)
throws
ServletException {
}
}
如果想用xml的形式配置拦截器,可以删除@WebFilter(filterName="CorsFilter" , urlPatterns="*.do"),然后在web.xml中添加下面的配置
<
filter
>
<
filter-name
>CorsFilter</
filter-name
>
<
filter-class
>com.huaming.filter.CorsFilter</
filter-class
>
</
filter
>
<
filter-mapping
>
<
filter-name
>CorsFilter</
filter-name
>
<
url-pattern
>*.do</
url-pattern
>
</
filter-mapping
>
2.使用注解的形式,配置org.springframework.web.filter.CorsFilter,通常springboot项目多数使用这种方式
import
org.springframework.web.filter.CorsFilter;
import
org.springframework.context.annotation.Bean;
import
org.springframework.context.annotation.Configuration;
import
org.springframework.web.cors.CorsConfiguration;
import
org.springframework.web.cors.UrlBasedCorsConfigurationSource;
/**
* 解决跨域问题springboot所需配置
*/
@Configuration
public
class
CORSConfiguration {
@Bean
public
CorsFilter corsFilter() {
//1.添加CORS配置信息
CorsConfiguration config =
new
CorsConfiguration();
//1) 允许的域,不要写*,否则cookie就无法使用了
config.addAllowedOrigin(
"*"
);
config.addAllowedHeader(
"*"
);
// 允许任何头
config.addAllowedMethod(
"*"
);
// 允许任何方法(post、get等)
//2) 是否发送Cookie信息
config.setAllowCredentials(
true
);
//3) 允许的请求方式
config.addAllowedMethod(
"OPTIONS"
);
config.addAllowedMethod(
"HEAD"
);
config.addAllowedMethod(
"GET"
);
config.addAllowedMethod(
"PUT"
);
config.addAllowedMethod(
"POST"
);
config.addAllowedMethod(
"DELETE"
);
config.addAllowedMethod(
"PATCH"
);
// 4)允许的头信息
config.addAllowedHeader(
"*"
);
// 5)配置有效时长
config.setMaxAge(
3600
*24L);
//2.添加映射路径,我们拦截一切请求
UrlBasedCorsConfigurationSource configSource =
new
UrlBasedCorsConfigurationSource();
configSource.registerCorsConfiguration(
"/**"
, config);
//3.返回新的CorsFilter.
return
new
CorsFilter(configSource);
}
}
另外参考其他的解决方法
https://blog.csdn.net/yue29026/article/details/70860719/
https://blog.csdn.net/sky786905664/article/details/79183856(符合我项目的情况,已使用)
https://cloud.tencent.com/developer/article/1450192