最近在部署前后端分离项目,遇到跨域问题,处理了半天。发现GET请求通了,但是PUT、POST等请求方法不通。
现场
前端部署在本地9090端口:http://127.0.0.1:9090
后端部署在本地9999端口:http://127.0.0.1:9999
前端使用 axios 客户端工具,后端使用 springboot 2.4.6
浏览器控制台报错:
Access to XMLHttpRequest at 'http://127.0.0.1:9999/jtest/post' from origin 'http://127.0.0.1:9090' has been blocked by CORS policy: Request header field content-type is not allowed by Access-Control-Allow-Headers in preflight response.
分析
意思是说:
前端调用后端 ‘http://127.0.0.1:9999/jtest/post’ 接口时发生跨域,并且跨域校验未通过,原因是前端的请求头信息content-type
不被允许,因为在 respose 的头信息 Access-Control-Allow-Headers
中未配置。
注意错误重点是:
Request header field content-type is not allowed by Access-Control-Allow-Headers in preflight response.
因此在response的头信息中加上 content-type
即可
response.setHeader("Access-Control-Allow-Headers", "content-type");
总结
经过简单测试,如果对请求地址,请求头信息等不做要求,使用以下代码可以解决大多数跨域问题。
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;
import org.springframework.stereotype.Component;
@Component
public class CorsFilter implements Filter {
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
// HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res;
response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE, PUT, GET");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "**");
chain.doFilter(req, res);
}
@Override
public void init(FilterConfig filterConfig) {}
@Override
public void destroy() {}
}