要解决跨域的问题,就要先知道什么是跨域?
跨域指的就是浏览器进行网页中的JS代码时候,由于浏览器的同源策略的限制,只能访问同源的资源,例如同一个域名(端口)下的网页地址,跨端口的跨域名其实就是跨域的问题!
常见的解决方法有2种:
1.jsonp
2.CROS
我这里主要说一说CROS:这个其实主要就是在后端的一种解决方案,在SpringBoot中,添加如下代码即可。
import org.springframework.context.annotation.Configuration;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
@Configuration
public class CorsConfig implements Filter {
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
HttpServletResponse response = (HttpServletResponse) res;
HttpServletRequest request = (HttpServletRequest) req;
String origin = request.getHeader("Origin");
if(origin!=null) {
response.setHeader("Access-Control-Allow-Origin", origin);
}
String headers = request.getHeader("Access-Control-Request-Headers");
if(headers!=null) {
response.setHeader("Access-Control-Allow-Headers", headers);
response.setHeader("Access-Control-Expose-Headers", headers);
}
response.setHeader("Access-Control-Allow-Methods", "*");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Credentials", "true");
chain.doFilter(request, response);
}
@Override
public void init(FilterConfig filterConfig) {
}
@Override
public void destroy() {
}
}
- 其实无论哪种方案,最终目的都是修改响应头,向响应头中添加浏览器所要求的数据,进而实现跨域。
还有一种方式就是加注解@CrossOrigin
@RestController 写在类上的
@CrossOrigin(origins = "*")
public class Controller {
@RequestMapping("/")
public String CROS() {
return "CROS";
}
}
@RequestMapping("/CROS") 写在方法上的
@CrossOrigin(origins = "*")
//@CrossOrigin(value = "http://localhost:8080") //指定具体ip允许跨域
public String CROS() {
return "CROS";
}