最近项目需求,后端代码部署之后,前端访问接口请求数据获取报错Access to XMLHttpRequest at 'http://xx.x.xx.xxx:9090/common/getOrderList' from origin 'http://xx.x.xx.xxx:18004' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.,于是有了这篇博文记录一下
解决核心代码:
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;
@Configuration
public class CorsConfig {
@Bean
public CorsFilter corsFilter() {
//1.添加CORS配置信息
CorsConfiguration config = new CorsConfiguration();
//1) 允许的域,不要写*,否则cookie就无法使用了
config.addAllowedOrigin("*");
//2) 是否发送Cookie信息
config.setAllowCredentials(true);
//3) 允许的请求方式GET POST等
config.addAllowedMethod("*");
// 4)允许的头信息
config.addAllowedHeader("*");
config.setMaxAge(3600L);
//2.添加映射路径,我们拦截一切请求
UrlBasedCorsConfigurationSource configSource = new UrlBasedCorsConfigurationSource();
configSource.registerCorsConfiguration("/**", config);
//3.返回新的CorsFilter.
return new CorsFilter(configSource);
}
}
cors里的设置允许所有,所有为*,如果需要设置单一请求将*替换成所需对应的域名即可,亲测有效。