方法一: 對某一接口配置,可以在方法上添加 @CrossOrigin 注解
@CrossOrigin(origins = {"http://localhost:8110", "null"}) // origins 不指定的話,默認為"*",即所有url
@RequestMapping(value = "/test", method = RequestMethod.GET)
public String greetings(HttpServletRequest request,
HttpServletResponse response) {
// 一定要設置以下響應頭,否則客戶端報錯
response.setHeader("Access-Control-Allow-Credentials", "true");
response.setHeader("Access-Control-Allow-Origin",request.getHeader("Origin"));
return "Hello World";
}
方法二: 對一系列接口配置,在類上加注解,對此類的所有接口有效
@CrossOrigin(origins = {"http://localhost:8110", "null"}) // 不指定的話,默認為"*",即所有url
@RestController
@RequestMapping("/attendance/user")
public class SpringBootCorsTestApplication {
@PostMapping("/login")
public R login(
@RequestBody
User user,
HttpServletRequest request,
HttpServletResponse response
){
// 一定要設置以下響應頭,否則客戶端報錯
response.setHeader("Access-Control-Allow-Credentials", "true");
response.setHeader("Access-Control-Allow-Origin",request.getHeader("Origin"));
... // 邏輯代碼
}
}
方法三: 全局配置,添加一個配置類
**第一步**
@Configuration
public class CorsConfig {
private CorsConfiguration buildConfig() {
CorsConfiguration corsConfiguration = new CorsConfiguration();
corsConfiguration.addAllowedOrigin("*"); // 允許任何域名使用
corsConfiguration.addAllowedHeader("*"); // 允許任何頭
corsConfiguration.addAllowedMethod("*"); // 允許任何方法(post、get等)
return corsConfiguration;
}
@Bean
public CorsFilter corsFilter() {
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", buildConfig()); // 對接口配置跨域設置
return new CorsFilter(source);
}
}
**第二步**
設置web層接口中的響應頭,代碼與方法一,二相同
方法四: 全局配置,並且在接口中不需要設置響應頭
@Configuration
public class CorsConfig1 extends WebMvcConfigurerAdapter {
@Override
public void addCorsMappings(CorsRegistry registry) {
registry.addMapping("/**")
.allowedOrigins("*")
.allowCredentials(true)
.allowedMethods("GET", "POST", "DELETE", "PUT")
.maxAge(3600);
}
}
