请求跨域
@Component
public class RequestCors implements WebMvcConfigurer {
@Override
public void addCorsMappings ( CorsRegistry registry) {
registry. addMapping ( "/**" )
. allowedOrigins ( "*" )
. allowedMethods ( "*" )
. maxAge ( 3600 ) ;
}
}
响应跨域
@Component
public class AccessControlAllowOriginFilter implements Filter {
@Override
public void init ( FilterConfig filterConfig) throws ServletException { }
@Override
public void doFilter ( ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletResponse response = ( HttpServletResponse) servletResponse;
response. setHeader ( "Access-Control-Allow-Origin" , "*" ) ;
response. setHeader ( "Access-Control-Allow-Methods" , "POST, GET, OPTIONS, DELETE" ) ;
response. setHeader ( "Access-Control-Max-Age" , "3600" ) ;
response. setHeader ( "Access-Control-Allow-Headers" , "DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization" ) ;
response. setContentType ( "application/json;charset=UTF-8" ) ;
filterChain. doFilter ( servletRequest, response) ;
}
@Override
public void destroy ( ) { }
}
① 一定要检查出现跨域的原因,是请求跨域,还是响应数据跨域,再有就是请求头Header是否允许。② 前端要是配置withCredentials=true,那意味着需要开启Cookie缓存,后端要做响应的处理,不能在response响应跨域中配置Access-Control-Allow-Origin为“*”。