本质上没有区别,都是基于Filter
SpringMvc
web.xml 配置过滤器
<!-- 跨域过滤器 -->
<filter>
<filter-name>crossOriginFilter</filter-name>
<filter-class>com.zz.jersey.CrossOriginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>crossOriginFilter</filter-name>
<url-pattern>/service/index/*</url-pattern>
</filter-mapping>
filter代码
package com.zz.jersey;
import org.springframework.http.HttpStatus;
import org.springframework.web.bind.annotation.RequestMethod;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
/**
* @author www.itdream.site
* @description
* @create 2020-12-08 16:34
*/
public class CrossOriginFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
System.out.println("CrossOriginFilter init");
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest httpServletRequest = (HttpServletRequest) request;
HttpServletResponse httpServletResponse = (HttpServletResponse) response;
httpServletResponse.setHeader("Access-control-Allow-Origin", httpServletRequest.getHeader("Origin"));
httpServletResponse.setHeader("Access-Control-Allow-Methods", "GET,POST,OPTIONS,PUT,DELETE");
httpServletResponse.setHeader("Access-Control-Allow-Headers",
httpServletRequest.getHeader("Access-Control-Request-Headers"));
httpServletResponse.setHeader("Access-Control-Allow-Credentials", "true");
// 跨域时会首先发一个option请求,这里我们给option请求直接返回正常状态
if (httpServletRequest.getMethod().equals(RequestMethod.OPTIONS.name())) {
httpServletResponse.setStatus(HttpStatus.OK.value());
}
filterChain.doFilter(httpServletRequest,httpServletResponse);
}
@Override
public void destroy() {
System.out.println("CrossOriginFilter destroy");
}
}
SpringBoot
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws ServletException, IOException {
HttpServletRequest httpRequest = (HttpServletRequest) request;
HttpServletResponse httpResponse = (HttpServletResponse) response;
httpResponse.setCharacterEncoding("UTF-8");
// 跨域
httpResponse.setHeader("Access-Control-Allow-Origin", "*");
httpResponse.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
httpResponse.setHeader("Access-Control-Max-Age", "3600");
httpResponse.setHeader("Access-Control-Allow-Headers", "x-requested-with, Authorization");
// httpResponse.setHeader("Access-Control-Allow-Origin", "*");
if ("OPTIONS".equals(httpRequest.getMethod())) {
// HttpStatus.SC_NO_CONTENT = 204
httpResponse.setStatus(HttpStatus.NO_CONTENT.value());
httpResponse.setHeader("Access-Control-Allow-Credentials", "true");
httpResponse.setHeader("Access-Control-Allow-Headers", "Content-Type, x-requested-with, Token, Authorization");
httpResponse.setHeader("Access-Control-Allow-Methods", "OPTIONS,GET,POST,DELETE,PUT");
}
chain.doFilter(request, response);
return;
}