跨域访问
A网站与B网站不在同一个域中,那么就出现了跨域访问问题,不同端口也属于跨域
如果是跨域访问,这时候就会报错
has been blocked by CORS policy: No 'Access-Control-Allow-Origin'
解决方案
1.@CrossOrigin
在相应的方法或者类上加上@CrossOrigin注解
包含多个参数:
- origins: 允许可访问的域列表
- maxAge:准备响应前的缓存持续的最大时间(以秒为单位)。
例如
@RestController
@RequestMapping("admin/article")
@CrossOrigin
public class ArticleController
@GetMapping("/list")
@CrossOrigin
public Result listArticle(@RequestParam Map<String, Object> params)
2.全局CORS配置
@Configuration
public class CorsConfig implements WebMvcConfigurer {
@Override
public void addCorsMappings(CorsRegistry registry) {
registry.addMapping("/**")
.allowedOrigins("*")
.allowCredentials(true)
.allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS")
.maxAge(3600);
}
}
3.基于过滤器CORS
@Configuration
public class CorsConfig {
/**
* 配置全局跨域
*/
private CorsConfiguration buildConfig() {
CorsConfiguration corsConfiguration = new CorsConfiguration();
corsConfiguration.addAllowedOrigin("*");
corsConfiguration.addAllowedHeader("*");
corsConfiguration.addAllowedMethod("*");
corsConfiguration.setAllowCredentials(true);
return corsConfiguration;
}
@Bean
public CorsFilter corsFilter() {
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", buildConfig());
return new CorsFilter(source);
}
}