Tips:idea双击shift全局搜索
类名冲突用全路径
Cross-origin Resource Sharing 中文名称 “跨域资源共享”
上一p登录报错,由跨域引起的,是浏览器对js施加的安全限制。本网站不能执行其他网站脚本
同源策略:协议名,端口,域名不同都算不同源
:8001/#/login:1 Access to XMLHttpRequest at
'http://localhost:88/api/sys/login'
from origin
'http://localhost:8001'
has been blocked by CORS policy:
Response to preflight request doesn't pass access control check:
No 'Access-Control-Allow-Origin' header is present on the requested resource.
谷粒商城ppt内容
先采用方法二
写filter添加响应头,写在网关里面就可以。统一配置跨域。
跨源资源共享(CORS) - HTTP | MDN (mozilla.org)
解决
在网关中配置
@Configuration
public class GulimallCorsConfiguration {
//springboot provides filter: class CorsWebFilter implements WebFilter
@Bean
public CorsWebFilter corsWebFilter(){
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
CorsConfiguration corsConfiguration = new CorsConfiguration();
//1.配置跨域
corsConfiguration.addAllowedHeader("*");
corsConfiguration.addAllowedMethod("*");
corsConfiguration.addAllowedOrigin("*");
corsConfiguration.setAllowCredentials(true);
source.registerCorsConfiguration("/**",corsConfiguration);
return new CorsWebFilter(source);
}
}
、
点击登录会发送两次login请求,第一次options
第二次包含内容的
报错
看上面第二次请求,有重复的,原因是renrenfast里面也配置了跨域,注释掉就好了。
Access to XMLHttpRequest at
'http://localhost:88/api/sys/login'
from origin
'http://localhost:8001'
has been blocked by CORS policy:
The 'Access-Control-Allow-Origin' header contains multiple values
'http://localhost:8001, http://localhost:8001',
but only one is allowed.
注释后登录成功
@Configuration
public class CorsConfig implements WebMvcConfigurer {
// @Override
// public void addCorsMappings(CorsRegistry registry) {
// registry.addMapping("/**")
// .allowedOrigins("*")
// .allowCredentials(true)
// .allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS")
// .maxAge(3600);
// }
}