java配置CORSFilter过滤器实现跨域
很多时候登录跨域时候需要从cookie中获取session,记录一下获取方法
前端:
ajax写法:
$.ajax({
url: "http://localhost:8080/",
type: "GET",
xhrFields: {
withCredentials: true //设置携带cookie跨域设置
},
crossDomain: true,
success: function (data) {
render(data);
}
});
axios写法:
axios({
url:"127.0.0.1",
method:"post",
data:{
id:id
},
withCredentials:true //携带cookie跨域设置为true
}).then((res) => {
console.log(res);
}
后台写法:
添加过滤器,然后过滤方法:
HttpServletResponse response = (HttpServletResponse) servletResponse;
HttpServletRequest request = (HttpServletRequest) servletRequest;
response.setHeader("Access-Control-Allow-Origin", request.getHeader("Origin"));
response.setHeader("Access-Control-Allow-Methods", "GET,POST,HEAD,PUT,DELETE");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "Accept,Origin,X-Requested-With,Content-Type,X-Auth-Token");
response.setHeader("Access-Control-Allow-Credentials", "true");
chain.doFilter(servletRequest, servletResponse);
其中Access-Control-Allow-Origin不能设置为*,否则获取不到