在Controller上配置@CrossOrigin注解
@CrossOrigin(origins = "*",allowCredentials="true",allowedHeaders = "*",methods = {})
public class Controller {
}
配置类
package com.quintin.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;
//@Configuration
public class CorsConfig {
private CorsConfiguration buildConfig(){
CorsConfiguration configuration = new CorsConfiguration();
//设置属性
//允许跨域请求的地址,*表示所有
configuration.addAllowedOrigin("*");
//配置跨域的请求头
configuration.addAllowedHeader("*");
//配置跨域的请求方法
configuration.addAllowedMethod("*");
// 表示跨域请求的时候是否使用的是同一个session
configuration.setAllowCredentials(true);
return configuration;
}
@Bean
public CorsFilter corsFilter(){
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**",buildConfig());
return new CorsFilter(source);
}
}
前端配置
如果是前后端分离的项目,则需要在前端配置
axios.defaults.withCredentials = true
跨域时,使用同一个 session