谷粒商城p47网关统一配置跨域

Tips：idea双击shift全局搜索

                类名冲突用全路径

Cross-origin Resource Sharing 中文名称 “跨域资源共享”

上一p登录报错，由跨域引起的，是浏览器对js施加的安全限制。本网站不能执行其他网站脚本

同源策略：协议名，端口，域名不同都算不同源

:8001/#/login:1  Access to XMLHttpRequest at 
'http://localhost:88/api/sys/login' 
from origin 
'http://localhost:8001' 
has been blocked by CORS policy:
 Response to preflight request doesn't pass access control check: 
No 'Access-Control-Allow-Origin' header is present on the requested resource.

谷粒商城ppt内容

先采用方法二

写filter添加响应头，写在网关里面就可以。统一配置跨域。

 跨源资源共享（CORS） - HTTP | MDN (mozilla.org)

解决

在网关中配置

@Configuration
public class GulimallCorsConfiguration {
    //springboot provides filter: class CorsWebFilter implements WebFilter

    @Bean
    public CorsWebFilter corsWebFilter(){
        UrlBasedCorsConfigurationSource source =  new UrlBasedCorsConfigurationSource();

        CorsConfiguration corsConfiguration = new CorsConfiguration();
        //1.配置跨域
        corsConfiguration.addAllowedHeader("*");
        corsConfiguration.addAllowedMethod("*");
        corsConfiguration.addAllowedOrigin("*");
        corsConfiguration.setAllowCredentials(true);


        source.registerCorsConfiguration("/**",corsConfiguration);

        return new CorsWebFilter(source);
    }
}

、

点击登录会发送两次login请求，第一次options

第二次包含内容的

报错

 看上面第二次请求，有重复的，原因是renrenfast里面也配置了跨域，注释掉就好了。

Access to XMLHttpRequest at
 'http://localhost:88/api/sys/login' 
from origin 
'http://localhost:8001' 
has been blocked by CORS policy: 
The 'Access-Control-Allow-Origin' header contains multiple values 
'http://localhost:8001, http://localhost:8001', 
but only one is allowed.

注释后登录成功

@Configuration
public class CorsConfig implements WebMvcConfigurer {

//    @Override
//    public void addCorsMappings(CorsRegistry registry) {
//        registry.addMapping("/**")
//            .allowedOrigins("*")
//            .allowCredentials(true)
//            .allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS")
//            .maxAge(3600);
//    }
}