写springboot接口的时候碰到一个很离谱的问题:
我在Postman进行接口调试的时候,好,接口啥也没问题,然后我就把接口部署到服务器了,然后写了个vue3的登陆页面,登录请求用的是axios,然后也没啥问题,登陆成功了获取到token了,然后我有个接口,跟逆子一样,我把token信息传进去请求,他离奇的报错:
Access to XMLHttpRequest at 'http://XX.XX.XX.XX:8080/admin/info' from origin 'http://localhost:5173' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
我想着是不是跨域那边没设置好,然后我就去springboot改:
@Configuration
public class CorsConfig implements WebMvcConfigurer { // cors跨域请求配置类
@Override
public void addCorsMappings(CorsRegistry registry) {
registry.addMapping("/**")
.allowedOrigins("http://localhost:5173")
.allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS")
.allowedHeaders("Content-Type", "Authorization");
}
}
这边设置了http://localhost:5173,之前设置的是通配符 * ,然后我自信满满的重新运行、刷新、好,它报错,问题没解决,我抓耳挠腮的在服务器和本地都调试了一遍,都不行!!气死!
后面网上找了一大堆,我看到一个OPTIONS解决的一个问题,哦豁!跟我问题有点像!然后我就修修改改,最后在interceptor拦截器配置类里加上了:
registry.addInterceptor(new HandlerInterceptor() { // options跨域问题解决
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Credentials", "true");
response.setHeader("Access-Control-Allow-Methods", "GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS");
response.setHeader("Access-Control-Max-Age", "86400");
response.setHeader("Access-Control-Allow-Headers", "*");
// 如果是OPTIONS则结束请求
if (HttpMethod.OPTIONS.toString().equals(request.getMethod())) {
response.setStatus(HttpStatus.NO_CONTENT.value());
return false;
}
return true;
}
}).addPathPatterns("/**");
运行,刷新,问题解决~