spring cloud在Zuul网关 如何解决跨域问题
-
解决方法一:编写配置类继承ZuulFilter
import com.netflix.zuul.ZuulFilter; import com.netflix.zuul.context.RequestContext; import javax.servlet.http.HttpServletResponse; import org.springframework.stereotype.Component; /** * @author : * @program : com.mooc.jiangzh.springcloud.filters.pre * @description : 解决跨域问题 **/ @Component public class CorsFilter extends ZuulFilter { public String filterType() { return "pre"; } public int filterOrder() { return 0; } public boolean shouldFilter() { return true; } public Object run() { RequestContext ctx = RequestContext.getCurrentContext(); // 跨域 HttpServletResponse response = ctx.getResponse(); response.addHeader("Access-Control-Allow-Origin", "*"); response.setHeader("Access-Control-Allow-Methods", "GET,POST,OPTIONS,DELETE,PUT"); response.setHeader("Access-Control-Allow-Headers","DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization"); response.setContentType("application/json"); response.setCharacterEncoding("UTF-8"); // response.setContentType("text/html;charset=UTF-8"); /* 跨域资源共享 - 这是HTTP协议规定的安全策略 - 配置资源共享的方式和目标方 前端: node+vue -> admin.meetingfilm.com 后端: springboot -> backend.meetingfilm.com -> 示例 缺陷:如果出现跨域策略不足的情况,需要修改代码,重新部署 -> Nginx */ return null; } }
zuul: #需要忽略的头部信息,不在传播到其他服务 sensitive-headers: Access-Control-Allow-Origin ignored-headers: Access-Control-Allow-Origin,H-APP-Id,Token,APPToken
-
解决方法二:编写配置类
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.web.cors.CorsConfiguration; import org.springframework.web.cors.UrlBasedCorsConfigurationSource; import org.springframework.web.filter.CorsFilter; @Configuration public class CorsConfig { public CorsConfig() { } @Bean public CorsFilter corsFilter() { // 1. 添加cors配置信息 CorsConfiguration config = new CorsConfiguration(); config.addAllowedOrigin("http://localhost:8080"); // config.addAllowedOrigin("http://shop.z.mukewang.com:8080"); // config.addAllowedOrigin("http://center.z.mukewang.com:8080"); // config.addAllowedOrigin("http://shop.z.mukewang.com"); // config.addAllowedOrigin("http://center.z.mukewang.com"); // config.addAllowedOrigin("*"); // 设置是否发送cookie信息 config.setAllowCredentials(true); // 设置允许请求的方式 config.addAllowedMethod("*"); // 设置允许的header config.addAllowedHeader("*"); // 2. 为url添加映射路径 UrlBasedCorsConfigurationSource corsSource = new UrlBasedCorsConfigurationSource(); corsSource.registerCorsConfiguration("/**", config); // 3. 返回重新定义好的corsSource return new CorsFilter(corsSource); } }
-
解决方法三:在Zuul启动类下编写bean
import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.cloud.netflix.zuul.EnableZuulProxy; import org.springframework.context.annotation.Bean; import org.springframework.web.cors.CorsConfiguration; import org.springframework.web.cors.UrlBasedCorsConfigurationSource; import org.springframework.web.filter.CorsFilter; @EnableZuulProxy @SpringBootApplication public class BackendApigwZuulApplication { public static void main(String[] args) { SpringApplication.run(BackendApigwZuulApplication.class, args); } @Bean public CorsFilter corsFilter() { final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); final CorsConfiguration config = new CorsConfiguration(); config.setAllowCredentials(true); // 允许cookies跨域 config.addAllowedOrigin("*");// 允许向该服务器提交请求的URI,*表示全部允许。 config.addAllowedHeader("*");// 允许访问的头信息,*表示全部 config.setMaxAge(18000L);// 预检请求的缓存时间(秒),即在这个时间段里,对于相同的跨域请求不会再预检了 config.addAllowedMethod("*");// 允许提交请求的方法,*表示全部允许,也可以单独设置GET、PUT等 source.registerCorsConfiguration("/**", config); return new CorsFilter(source); } }