- 跨域是前后端分离必须要解决的问题
- 当我们在开发环境加上一段代码 解决跨域问题
/**
* 允许跨域调用的过滤器
*/
@Bean
public CorsFilter corsFilter() {
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
CorsConfiguration config = new CorsConfiguration();
config.addAllowedOrigin("*");
config.setAllowCredentials(true);
config.addAllowedHeader("*");
config.addAllowedMethod("*");
source.registerCorsConfiguration("/**", config);
FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
bean.setOrder(0);
return new CorsFilter(source);
}
- 但是当我们部署到nginx上也加上了一段跨界解决代码 加上header头
location /m/admin/{
set $origin '*';
if ($http_origin) {
set $origin "$http_origin";
}
add_header 'Access-Control-Allow-Origin' $origin always;
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, PATCH, DELETE, PUT, OPTIONS';
add_header 'Access-Control-Allow-Headers' '*';
if ($request_method = 'OPTIONS') {
return 204;
}
client_max_body_size 30m;
proxy_pass http://mallAdmin/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
- 那么我们前端工程师在连接部署到的环境开始调试的时候就会出现双重header头
- 解决方式一:去掉nginx的header头
location /m/admin/{
set $origin '*';
if ($http_origin) {
set $origin "$http_origin";
}
if ($request_method = 'OPTIONS') {
return 204;
}
client_max_body_size 30m;
proxy_pass http://mallAdmin/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
- 解决方式二:加上注解@Profile(“dev”)标识这只是在开发环境中使用,或者注释掉这段代码在部署到测试环境去
/**
* 允许跨域调用的过滤器
*/
@Bean
@Profile("dev")
public CorsFilter corsFilter() {
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
CorsConfiguration config = new CorsConfiguration();
config.addAllowedOrigin("*");
config.setAllowCredentials(true);
config.addAllowedHeader("*");
config.addAllowedMethod("*");
source.registerCorsConfiguration("/**", config);
FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
bean.setOrder(0);
return new CorsFilter(source);
}
这样就完美解决了,双重header头的跨域问题了。