81,090
社区成员
发帖
与我相关
我的任务
分享
@Component
@Order(Ordered.HIGHEST_PRECEDENCE)
@WebFilter(urlPatterns = "/*")
public class OriginFilter implements Filter {
private static final Logger logger = LoggerFactory.getLogger(OriginFilter.class);
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletResponse response = (HttpServletResponse) servletResponse;
HttpServletRequest request = (HttpServletRequest)servletRequest;
String origin = request.getHeader("Origin");
response.setHeader("Access-Control-Allow-Origin", origin);
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "x-requested-with,Authorization");
response.setHeader("Access-Control-Allow-Credentials", "true");
String method = request.getMethod();
if(method.equalsIgnoreCase("OPTIONS")){
servletResponse.getOutputStream().write("Success".getBytes("utf-8"));
}else{
filterChain.doFilter(servletRequest, servletResponse);
}
}
@Override
public void destroy() {
}
}
@CrossOrigin(
origins = {"http://url"},
allowedHeaders = {"xxxx"},
exposedHeaders = {"xxxxx"},
methods = {RequestMethod.GET},
allowCredentials = "xxxx",
maxAge = 3600)
@RequestMapping(value = {"/demo/{id}"},
method = {RequestMethod.GET},
produces = {MediaType.APPLICATION_JSON_VALUE})
.......
在对应的处理器或者处理器方法上加上@CrossOrigin注解,便可以针对每一个处理器进行跨域设置。
@Configuration
public class CorsConfig implements WebMvcConfigurer {
@Override
public void addCorsMappings(CorsRegistry registry) {
registry.addMapping("/**")
.allowedOrigins("*")
.allowCredentials(true)
.allowedMethods("GET", "POST", "DELETE", "PUT","PATCH")
.maxAge(3600);
}
}