1、第一种:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
|
public class corsfilter extends onceperrequestfilter { static final string origin = "origin"; protected void dofilterinternal( httpservletrequest request, httpservletresponse response, filterchain filterchain) throws servletexception, ioexception { string origin = request.getheader(origin); response.setheader("access-control-allow-origin", "*");//* or origin as u prefer response.setheader("access-control-allow-credentials", "true"); response.setheader("access-control-allow-methods", "put, post, get, options, delete"); response.setheader("access-control-max-age", "3600"); response.setheader("access-control-allow-headers", "content-type, authorization"); if (request.getmethod().equals("options")) response.setstatus(httpservletresponse.sc_ok); else filterchain.dofilter(request, response); }}@beanpublic corsfilter corsfilter() throws exception { return new corsfilter();}http .addfilterbefore(corsfilter(), usernamepasswordauthenticationfilter.class) .addfilterbefore(authenticationtokenfilterbean(), usernamepasswordauthenticationfilter.class) .headers() .cachecontrol(); |
2、第二种:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
@configurationpublic class corsconfig { @bean public filterregistrationbean corsfilter() { urlbasedcorsconfigurationsource source = new urlbasedcorsconfigurationsource(); corsconfiguration config = new corsconfiguration(); config.setallowcredentials(true); // 设置你要允许的网站域名,如果全允许则设为 * config.addallowedorigin("http://localhost:4200"); // 如果要限制 header 或 method 请自行更改 config.addallowedheader("*"); config.addallowedmethod("*"); source.registercorsconfiguration("/**", config); filterregistrationbean bean = new filterregistrationbean(new corsfilter(source)); // 这个顺序很重要哦,为避免麻烦请设置在最前 bean.setorder(0); return bean; }} |
以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持服务器之家。
原文链接:https://segmentfault.com/a/1190000012364985
