Filter代码
@WebFilter(urlPatterns = {"/*"},filterName = "MyFilter")
@Component
public class MyFilter implements Filter {
public void destroy() {
}
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws ServletException, IOException {
HttpServletResponse resp = (HttpServletResponse) response;
HttpServletRequest req = (HttpServletRequest) request;
resp.setHeader("Access-Control-Allow-Origin", req.getHeader("Origin"));//不能为*
resp.setHeader("Access-Control-Allow-Headers", "x-requested-with,content-type");//不能为*
resp.setHeader("Access-Control-Allow-Methods","PUT,POST,GET,DELETE,OPTIONS");
resp.setHeader("Access-Control-Allow-Credentials","true");//前三行解决跨域,这一句行是携带证书(关键)
chain.doFilter(req, resp);
}
public void init(FilterConfig config) throws ServletException {
}
}
前端axios配置,携带证书
axios.defaults.withCredentials = true;
jquery ajax配置
$.ajax({
type:'post',
dataType:'json',
xhrFields:{ withCredentials: true }
})