前端在使用vue获取api数据的时候在谷歌浏览器器中没有出现问题,但是用火狐就会出现跨域问题。配置如下:
@Component
public class CorsFilter implements GlobalFilter, Ordered {
private static final String ALL = "*";
private static final String MAX_AGE = "18000L";
@Override
public Mono<Void> filter(ServerWebExchange serverWebExchange, GatewayFilterChain chain) {
ServerHttpRequest request = serverWebExchange.getRequest();
ServerHttpResponse response = serverWebExchange.getResponse();
HttpHeaders headers = response.getHeaders();
headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, "*");
headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, "POST, GET, PUT, OPTIONS, DELETE, PATCH");
headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, "*");
headers.add(HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS, ALL);
headers.add(HttpHeaders.ACCESS_CONTROL_MAX_AGE, MAX_AGE);
if (request.getMethod() == HttpMethod.OPTIONS) {
response.setStatusCode(HttpStatus.OK);
return Mono.empty();
}
return chain.filter(serverWebExchange);
}
@Override
public int getOrder() {
return -300;
}
}
这种配置就会导致火狐浏览器出现跨域问题,实际上项目一只有跨域问题,只是我一直没发现,在用vue获取token的时候就算是谷歌也出现跨域的问题,所以可以看到上边的配置一直是有问题的。
这个问题在github有人提问过,作者给出的解释是:
spring-cloud-gateway默认采用webflux拦截,需要关闭webflux拦截,开启自定义拦截。
所以采用如下的配置就可以了:
/**
* @author: wangdingfeng
* @Date: 2020/3/27 22:06
* @Description:
*/
@Configuration
public class CorsConfig {
@Bean
public CorsWebFilter corsFilter() {
CorsConfiguration config = new CorsConfiguration();
config.addAllowedMethod("*");
config.addAllowedOrigin("*");
config.addAllowedHeader("*");
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(new PathPatternParser());
source.registerCorsConfiguration("/**", config);
return new CorsWebFilter(source);
}
}
详细例子请参考我的spark项目: