在Zuul服务中做如下操作
添加config
包,并创建CORS
跨域配置类代码如下(有硬编码):
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;
@Configuration
public class GlobalCORSConfig {
@Bean
public CorsFilter corsFilter() {
//1.添加CORS配置信息
CorsConfiguration config = new CorsConfiguration();
//1) 允许的域,不要写*,否则cookie就无法使用了,这里只是案例,根据自己的来
config.addAllowedOrigin("http://manage.hanniiu.com");
config.addAllowedOrigin("http://www.hanniiu.com");
config.addAllowedOrigin("http://127.0.0.1:9001");
config.addAllowedOrigin("http://127.0.0.1:9001");
//2) 是否发送Cookie信息
config.setAllowCredentials(true);
//3) 允许的请求方式
config.addAllowedMethod("OPTIONS");
config.addAllowedMethod("HEAD");
config.addAllowedMethod("GET");
config.addAllowedMethod("PUT");
config.addAllowedMethod("POST");
config.addAllowedMethod("DELETE");
// 4)允许的头信息
config.addAllowedHeader("*");
// 5)有效期 单位秒
config.setMaxAge(3600L);
//2.添加映射路径,我们拦截一切请求
UrlBasedCorsConfigurationSource configSource = new UrlBasedCorsConfigurationSource();
configSource.registerCorsConfiguration("/**", config);
//3.返回新的CORSFilter
return new CorsFilter(configSource);
}
}
解决硬编码:
在application.yml里添加如下配置
例子:
hn:
cors:
allowedOrigins:
- http://manage.hanniiu.com
- http://www.hanniiu.com
- http://127.0.0.1:9001
- http://localhost:9001
allowedCredentials: true
allowedHeaders:
- "*"
allowedMethods:
- GET
- POST
- DELETE
- PUT
- OPTIONS
- HEAD
maxAge: 3600
filterPath: "/**"
定义类用于加载配置文件中的属性
import lombok.Data;
import org.springframework.boot.context.properties.ConfigurationProperties;
import java.util.List;
@Data //记得导入lombok依赖
@ConfigurationProperties(prefix = "hn.cors")
public class CORSProperties {
private List<String> allowedOrigins;
private Boolean allowedCredentials;
private List<String> allowedMethods;
private List<String> allowedHeaders;
private Long maxAge;
private String filterPath;
}
出现这个没事,不影响代码运行
修改之前的跨域配置类:
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;
@Configuration
@EnableConfigurationProperties(CORSProperties.class)
public class GlobalCORSConfig {
@Bean
public CorsFilter corsFilter(CORSProperties corsProperties) {
//1.添加CORS配置信息
CorsConfiguration config = new CorsConfiguration();
//1) 允许的域,不要写*,否则cookie就无法使用了
corsProperties.getAllowedOrigins().forEach(config::addAllowedOrigin);
//2) 是否发送Cookie信息
config.setAllowCredentials(corsProperties.getAllowedCredentials());
//3) 允许的请求方式
corsProperties.getAllowedMethods().forEach(config::addAllowedMethod);
// 4)允许的头信息
corsProperties.getAllowedHeaders().forEach(config::addAllowedHeader);
// 5)配置有效期 单位秒
config.setMaxAge(corsProperties.getMaxAge());
//2.添加映射路径,我们拦截一切请求
UrlBasedCorsConfigurationSource configSource = new UrlBasedCorsConfigurationSource();
configSource.registerCorsConfiguration(corsProperties.getFilterPath(), config);
//3.返回新的CORSFilter.
return new CorsFilter(configSource);
}
}