- 处理单个controller跨域,在类上添加
@CrossOrigin
注解
@CrossOrigin
@RestController
@RequestMapping("/test")
public class TestController {
private static final Logger log = LoggerFactory.getLogger(TestController.class);
@GetMapping("/get1")
private ResultBean get1() {
log.info("TestController.get1()");
return new ResultBean("get1 ok");
}
}
@SpringBootApplication
public class AjaxServerApplication {
public static void main(String[] args) {
SpringApplication.run(AjaxServerApplication.class, args);
}
@Bean
public CorsFilter corsFilter() {
UrlBasedCorsConfigurationSource config = new UrlBasedCorsConfigurationSource();
CorsConfiguration configSource = new CorsConfiguration();
configSource.addAllowedOrigin("*");
configSource.addAllowedHeader("*");
configSource.addAllowedMethod("*");
config.registerCorsConfiguration("/**", configSource);
return new CorsFilter(config);
}
}
- 第三种方式:使用过滤器实现,获取调用方的origin
@Configuration
public class CorsFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest req, ServletResponse rep, FilterChain chain)
throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) rep;
String origin = request.getHeader("Origin");
response.setHeader("Access-Control-Allow-Origin", origin);
response.setHeader("Access-Control-Allow-Credentials", "true");
response.setHeader("Access-Control-Allow-Methods", "*");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "Content-Type");
chain.doFilter(request, response);
}
@Override
public void destroy() {
}
}