一、 Spring MVC 从4.2版本开始增加了对CORS的支持在Spring MVC 中增加CORS支持非常简单,可以配置全局的规则
<mvc:cors>
<mvc:mapping path="/**" allowed-origins="*" allow-credentials="true" max-age="1800"
allowed-methods="GET,POST,PUT,DELETE,PATCH,OPTIONS"/>
</mvc:cors>二、当上述配置无效的时候,可以自定义拦截器,用代码实现跨域
如:
import ;
import ;
import ;
import ;
public class CrossInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object o) throws Exception {
if (() != null) {
String origin = ("Origin");
("Access-Control-Allow-Origin", origin);
("Access-Control-Allow-Credentials", "true");
("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE, PUT,PATCH, HEAD");
("Access-Control-Allow-Headers", "Content-Type");
("Access-Control-Max-Age", "3600");
}
return true;
}
}三、SpringMVC4.1及更老的版本的跨域问题解决
可以自定义拦截器或者过滤器,如:
import ;
import ;
import ;
import ;
public class cInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse response, Object o) throws Exception {
("添加跨域支持");
//添加跨域CORS
("Access-Control-Max-Age", "1800");//30 min
("Access-Control-Allow-Origin", "*");
("Access-Control-Allow-Headers", "X-Requested-With,content-type,Content-Type,token");
("Access-Control-Allow-Credentials", "true");
("Access-Control-Allow-Methods", "GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH");
return true;
}
@Override
public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {
("postHandle");
}
@Override
public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {
("afterCompletion");
}
}四、如果是带有cookie的跨域问题
带有cookie时,配置Access-Control-Allow-Origin项不能为*,必须是具体的值!
如:
import ;
import ;
import ;
import ;
public class cInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse response, Object o) throws Exception {
("添加跨域支持");
//添加跨域CORS
("Access-Control-Max-Age", "1800");//30 min
("Access-Control-Allow-Origin", ":8080");
("Access-Control-Allow-Headers", "X-Requested-With,content-type,Content-Type,token");
("Access-Control-Allow-Credentials", "true");
("Access-Control-Allow-Methods", "GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH");
return true;
}
@Override
public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {
("postHandle");
}
@Override
public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {
("afterCompletion");
}
}