1、第一种:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
|
public class corsfilter extends onceperrequestfilter {
static final string origin = "origin";
protected void dofilterinternal(
httpservletrequest request,
httpservletresponse response,
filterchain filterchain) throws servletexception, ioexception {
string origin = request.getheader(origin);
response.setheader("access-control-allow-origin", "*");//* or origin as u prefer
response.setheader("access-control-allow-credentials", "true");
response.setheader("access-control-allow-methods", "put, post, get, options, delete");
response.setheader("access-control-max-age", "3600");
response.setheader("access-control-allow-headers", "content-type, authorization");
if (request.getmethod().equals("options"))
response.setstatus(httpservletresponse.sc_ok);
else
filterchain.dofilter(request, response);
}
}
@bean
public corsfilter corsfilter() throws exception {
return new corsfilter();
}
http
.addfilterbefore(corsfilter(), usernamepasswordauthenticationfilter.class)
.addfilterbefore(authenticationtokenfilterbean(), usernamepasswordauthenticationfilter.class)
.headers()
.cachecontrol();
|
2、第二种:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
@configuration
public class corsconfig {
@bean
public filterregistrationbean corsfilter() {
urlbasedcorsconfigurationsource source = new urlbasedcorsconfigurationsource();
corsconfiguration config = new corsconfiguration();
config.setallowcredentials(true);
// 设置你要允许的网站域名,如果全允许则设为 *
config.addallowedorigin("http://localhost:4200");
// 如果要限制 header 或 method 请自行更改
config.addallowedheader("*");
config.addallowedmethod("*");
source.registercorsconfiguration("/**", config);
filterregistrationbean bean = new filterregistrationbean(new corsfilter(source));
// 这个顺序很重要哦,为避免麻烦请设置在最前
bean.setorder(0);
return bean;
}
}
|
以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持服务器之家。
原文链接:https://segmentfault.com/a/1190000012364985