Access to XMLHttpRequest at ‘http://appservice.wogame-dev.com/h5/game/getCdkDetail’ from origin ‘http://app.wogame-dev.com’ has been blocked by CORS policy: Request header field wg-token is not allowed by Access-Control-Allow-Headers in preflight response.
抓包查看http请求和响应,发现已允许跨域。说明跨域设置是成功了,只是HTTP Header缺少了一个字段,导致的报错。
2、这里贴出java源码:
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
- 【跨域拦截器】
*/
@Configuration
public class CorsInterceptor extends HandlerInterceptorAdapter {
@Value(“${service.corsOrigin}”)
private String corsOrigins = “http://app.wogame-dev.com”;
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
String origin = request.getHeader(“Origin”);
if (StringUtils.isNotBlank(origin) && corsOrigins.contains(origin)) {
response.setHeader(“Access-Control-Allow-Origin”, origin);
response.setHeader(“Access-Control-Allow-Headers”, "Origin, X-Requested-With, Content-Type, Accept, " +
“WG-App-Version, WG-Device-Id, WG-Network-Type, WG-Vendor, WG-OS-Type, WG-OS-Version, WG-Device-Model, WG-CPU, WG-Sid, WG-App-Id, WG-Token”);
response.setHeader(“Access-Control-Allow-Methods”, “POST, GET”);
response.setHeader(“Access-Control-Allow-Credentials”, “true”);
}
/设备默认值/
response.setContentType(“application/json;charset=UTF-8”);
知其然不知其所以然,大厂常问面试技术如何复习?
1、热门面试题及答案大全
面试前做足功夫,让你面试成功率提升一截,这里一份热门350道一线互联网常问面试题及答案助你拿offer
2、多线程、高并发、缓存入门到实战项目pdf书籍
3、文中提到面试题答案整理
4、Java核心知识面试宝典
覆盖了JVM 、JAVA集合、JAVA多线程并发、JAVA基础、Spring原理、微服务、Netty与RPC、网络、日志、Zookeeper、Kafka、RabbitMQ、Hbase、MongoDB 、Cassandra、设计模式、负载均衡、数据库、一致性算法 、JAVA算法、数据结构、算法、分布式缓存、Hadoop、Spark、Storm的大量技术点且讲解的非常深入
14804117171)]