Access to XMLHttpRequest at 'http://xxx.xxx.xxx.xxx:8081/user/login' from origin http://xxx.xxx.xxx.xxx:8082' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.
由于使用的是shiro集成springboot,所以使用如下配置没有生效。如果单独的使用springboot,使用该方法跨域是可以的。
@Bean
public CorsFilter corsFilter() {
UrlBasedCorsConfigurationSource source = new
UrlBasedCorsConfigurationSource();
CorsConfiguration config = new CorsConfiguration();
config.setAllowCredentials(true);
// config.addAllowedOrigin("*");
config.addAllowedHeader("*");
config.addAllowedMethod("*");
config.setAllowedOrigins(allowedOrigins);
source.registerCorsConfiguration("/**", config);
return new CorsFilter(source);
}
所以修改为了如下过滤器,原因是跨域过滤器可以先与jwtFilter过滤器执行。测试有效
@Component
public class CorsFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletResponse response = (HttpServletResponse) servletResponse;
HttpServletRequest request = (HttpServletRequest) servletRequest;
response.setHeader("Access-Control-Allow-Origin", request.getHeader("Origin"));
response.setHeader("Access-Control-Allow-Headers", request.getHeader("Access-Control-Request-Headers"));
response.setHeader("Access-Control-Allow-Methods", "*");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Credentials", "true");
// 跨域时会首先发送一个option请求,这里我们给option请求直接返回正常状态
if (request.getMethod().equals(RequestMethod.OPTIONS.name())) {
response.setStatus(HttpStatus.OK.value());
return;
}
filterChain.doFilter(request, response);
}
@Override
public void destroy() {
}
}
跨域其他问题:
The 'Access-Control-Allow-Origin' header contains multiple values '*, *', but only one is allowed。
主要为niginx配置了跨域,后端有重复配置引起,两者去除之一就行
参考文档:
https://blog.csdn.net/weixin_39973810/article/details/85786693
https://blog.csdn.net/qq_28082757/article/details/101017679
https://blog.csdn.net/poem_2010/article/details/86382559