跨域失败 过滤器_Spring Boot 跨域过滤器(过滤器跨域问题)

重写WebMvcConfigurer#addCorsMappings()可以解决一部分跨域的问题，但是对于有些过滤器涉及到跨域，且拦截器位面较高的话，还是会出现一些跨域问题。

配置 CorsFilter 跨域过滤器，一劳永逸

CorsFilterRegistrationConfig

package site.yuyanjia.template.common.config;

import org.springframework.boot.context.properties.ConfigurationProperties;

import org.springframework.boot.web.servlet.FilterRegistrationBean;

import org.springframework.context.annotation.Bean;

import org.springframework.context.annotation.Configuration;

import org.springframework.web.cors.CorsConfiguration;

import org.springframework.web.cors.UrlBasedCorsConfigurationSource;

import org.springframework.web.filter.CorsFilter;

import java.util.ArrayList;

import java.util.List;

/**

* 跨域过滤器

*

* @author seer

* @date 2018/6/29 10:09

*/

@Configuration

@ConfigurationProperties(prefix = CorsFilterRegistrationConfig.PREFIX)

public class CorsFilterRegistrationConfig {

public static final String PREFIX = "yuyanjia.filter.cors";

/**

* 允许跨域地址

* 允许所有：*

*/

private List allowedOriginList = new ArrayList<>();

/**

* 允许请求头信息

* 允许所有：*

*/

private List allowedHeaderList = new ArrayList<>();

/**

* 允许请求信息

* 允许所有：*

*/

private List allowedMethodList = new ArrayList<>();

/**

* 允许暴露信息

*/

private List exposedHeaderList = new ArrayList<>();

/**

* 允许证书

*/

private Boolean allowCredentials = true;

/**

* 缓存时间

*/

private Long maxAge = 3600L;

/**

* 过滤地址

*/

private String mapping = "";

/**

* 跨域过滤器

*

* @return

*/

@Bean

public FilterRegistrationBean CrosFilterRegistrationBean() {

CorsConfiguration corsConfiguration = new CorsConfiguration();

corsConfiguration.setAllowedOrigins(allowedOriginList);

corsConfiguration.setAllowedHeaders(allowedHeaderList);

corsConfiguration.setAllowedMethods(allowedMethodList);

corsConfiguration.setExposedHeaders(exposedHeaderList);

corsConfiguration.setMaxAge(maxAge);

corsConfiguration.setAllowCredentials(allowCredentials);

UrlBasedCorsConfigurationSource configurationSource = new UrlBasedCorsConfigurationSource();

configurationSource.registerCorsConfiguration(mapping, corsConfiguration);

CorsFilter corsFilter = new CorsFilter(configurationSource);

FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean(corsFilter);

filterRegistrationBean.setOrder(0);

return filterRegistrationBean;

}

public List getAllowedOriginList() {

return allowedOriginList;

}

public void setAllowedOriginList(List allowedOriginList) {

this.allowedOriginList = allowedOriginList;

}

public List getAllowedHeaderList() {

return allowedHeaderList;

}

public void setAllowedHeaderList(List allowedHeaderList) {

this.allowedHeaderList = allowedHeaderList;

}

public List getAllowedMethodList() {

return allowedMethodList;

}

public void setAllowedMethodList(List allowedMethodList) {

this.allowedMethodList = allowedMethodList;

}

public List getExposedHeaderList() {

return exposedHeaderList;

}

public void setExposedHeaderList(List exposedHeaderList) {

this.exposedHeaderList = exposedHeaderList;

}

public Boolean getAllowCredentials() {

return allowCredentials;

}

public void setAllowCredentials(Boolean allowCredentials) {

this.allowCredentials = allowCredentials;

}

public Long getMaxAge() {

return maxAge;

}

public void setMaxAge(Long maxAge) {

this.maxAge = maxAge;

}

public String getMapping() {

return mapping;

}

public void setMapping(String mapping) {

this.mapping = mapping;

}

}

application.yml

yuyanjia:

filter:

cors:

allowed-origin-list:

- '*'

allowed-header-list:

- '*'

allowed-method-list:

- POST

- GET

exposed-header-list:

- access-control-allow-headers

- access-control-allow-methods

- access-control-allow-origin

- access-control-max-age

- X-Frame-Options

mapping: /website/**

推荐一些关于HTTP请求的相关资料，有助于了解跨域请求