详解springboot设置cors跨域请求的两种方式
1、第一种:
publicclassCorsFilterextendsOncePerRequestFilter{
staticfinalStringORIGIN="Origin";
protectedvoiddoFilterInternal(
HttpServletRequestrequest,
HttpServletResponseresponse,
FilterChainfilterChain)throwsServletException,IOException{
Stringorigin=request.getHeader(ORIGIN);
response.setHeader("Access-Control-Allow-Origin","*");//*ororiginasuprefer
response.setHeader("Access-Control-Allow-Credentials","true");
response.setHeader("Access-Control-Allow-Methods","PUT,POST,GET,OPTIONS,DELETE");
response.setHeader("Access-Control-Max-Age","3600");
response.setHeader("Access-Control-Allow-Headers","content-type,authorization");
if(request.getMethod().equals("OPTIONS"))
response.setStatus(HttpServletResponse.SC_OK);
else
filterChain.doFilter(request,response);
}
}
@Bean
publicCorsFiltercorsFilter()throwsException{
returnnewCorsFilter();
}
http
.addFilterBefore(corsFilter(),UsernamePasswordAuthenticationFilter.class)
.addFilterBefore(authenticationTokenFilterBean(),UsernamePasswordAuthenticationFilter.class)
.headers()
.cacheControl();
2、第二种:
@Configuration
publicclassCorsConfig{
@Bean
publicFilterRegistrationBeancorsFilter(){
UrlBasedCorsConfigurationSourcesource=newUrlBasedCorsConfigurationSource();
CorsConfigurationconfig=newCorsConfiguration();
config.setAllowCredentials(true);
//设置你要允许的网站域名,如果全允许则设为*
config.addAllowedOrigin("http://localhost:4200");
//如果要限制HEADER或METHOD请自行更改
config.addAllowedHeader("*");
config.addAllowedMethod("*");
source.registerCorsConfiguration("/**",config);
FilterRegistrationBeanbean=newFilterRegistrationBean(newCorsFilter(source));
//这个顺序很重要哦,为避免麻烦请设置在最前
bean.setOrder(0);
returnbean;
}
}
以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持毛票票。