Spring 遇到403 跨域问题,排查和解决方法如下:
1、确认项目中是否采用tomcat的跨域控制,如果采用,修改项目或者tomcat下的web.xml 内容如下:
<filter>
<filter-name>CorsFilter</filter-name>
<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
<init-param>
<param-name>cors.allowed.origins</param-name>
<param-value>*</param-value>
</init-param>
<init-param>
<param-name>cors.allowed.methods</param-name>
<param-value>GET,POST,HEAD,OPTIONS,PUT</param-value>
</init-param>
<init-param>
<param-name>cors.exposed.headers</param-name>
<param-value>*</param-value>
</init-param>
<init-param>
<param-name>cors.support.credentials</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>cors.preflight.maxage</param-name>
<param-value>10</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CorsFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
2、如果想使用spring控制
1)一种方案是在spring配置文件中添加如下内容即可(全局)
<mvc:cors>
<mvc:mapping path="/**" allowed-origins="*" allowed-methods="*" allowed-headers="*" allow-credentials="true" max-age="3600"/>
</mvc:cors>
2)第二种方案是在controller中或者方法中添加注解@CrossOrigin(控制到类或者方法)
@CrossOrigin
@Controller
@RequestMapping("/mycontroller")
public class MyController{
@CrossOrigin
@ResponseBody
@RequestMapping(value = "/findList",method = RequestMethod.POST)
public String findList(HttpServletRequest servletRequest){
......
}
......
}