SpringBoot 版本为 2.5.0
1、全局配置
实现WebMvcConfigurer接口然后重写addCorsMappings方法解决跨域问题。
@Configuration
public class CorsConfig implements WebMvcConfigurer {
static final String ORIGINS[] = {"GET", "POST", "PUT", "DELETE"};
@Override
public void addCorsMappings(CorsRegistry registry) {
registry.addMapping("/**") // 所有的当前站点的请求地址,都支持跨域访问
.allowedOriginPatterns("*") // 所有的外部域都可以跨域访问
.allowCredentials(true) // 是否支持跨域用户凭证
.allowedMethods(ORIGINS) // 当前站点支持的跨域请求类型是什么
.maxAge(60); // 超时时长设置为60秒
}
}
2、使用 @CrossOrigin 注解
@RestController
@CrossOrigin(maxAge = 60, originPatterns = "*")
public class DemoController {
@PostMapping("/test")
public void test(@RequestBody TestEntity entity){
System.out.println(entity);
}
}
3、自定义跨域过滤器
public class CORSFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void destroy() {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
// * 表示对所有请求都允许跨域访问
HttpServletResponse res = (HttpServletResponse) servletResponse;
res.addHeader("Access-Control-Allow-Credentials", "true");
res.addHeader("Access-Control-Allow-Origin", "*");
res.addHeader("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT");
res.addHeader("Access-Control-Allow-Headers", "Content-Type,X-CAF-Authorization-Token,sessionToken,X-TOKEN");
if (((HttpServletRequest) servletRequest).getMethod().equals("OPTIONS")){
servletResponse.getWriter().println("Success");
return;
}
filterChain.doFilter(servletRequest, servletResponse);
}
}