Spring CORS控制器注释不工作 [英] Spring CORS controller annotation not working
问题描述
我想允许一个域的跨源请求。我的项目使用Spring,所以我想利用新的CORS支持。
I want to allow cross origin requests for one domain. My project uses Spring so I want to take advantage of the new CORS support.
我使用版本 4.2.0
for all springframework
dependencies。
I am using version 4.2.0
for all springframework
dependencies.
我按照这里的例子 https://spring.io/blog/2015/06/08/cors-support-in-spring-framework#disqus_thread 并尝试了第一个版本。我的控制器注释如下所示:
I followed the example here https://spring.io/blog/2015/06/08/cors-support-in-spring-framework#disqus_thread and tried the first version. My controller annotations looks like:
@CrossOrigin(origins = "http://fiddle.jshell.net/", maxAge = 3600)
@Controller
@RequestMapping("/rest")
public class MyController
b $ b
如果我理解正确,mvc-config是一个替代方法。我也尝试过:
If I understood correctly the mvc-config is an alternative method. I tried it as well:
<mvc:cors>
<mvc:mapping path="/**"
allowed-origins="http://fiddle.jshell.net/, http://domain2.com"
allowed-methods="GET, PUT"
allowed-headers="header1, header2, header3"
exposed-headers="header1, header2" allow-credentials="false"
max-age="123" />
</mvc:cors>
无论使用哪种方法,Response都不包含 Access -Control-Allow-Origin
,我也无法通过jsfiddle的简单查询得到结果。
With either methods, the Response doesn't seem to contain anything like Access-Control-Allow-Origin
, neither can I get a result back through a simple query from jsfiddle.
Chrome开发人员工具,当从localhost运行和访问时如下。在这种情况下,请求来自相同的域,而不是通过javascript,但我认为CORS注释将添加访问控制参数吗?
The header info from Chrome developer tools, when ran and accessed from localhost is below. In this case the request is from the same domain and not through javascript, but I thought the CORS annotation would add the access control parameters anyway?
响应标题:
Content-Length:174869
Content-Type:text/html;charset=UTF-8
Date:Fri, 21 Aug 2015 12:21:09 GMT
Server:Apache-Coyote/1.1
请求标题:
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*\/*;q=0.8
Accept-Encoding:gzip, deflate, sdch
Accept-Language:en-US,en;q=0.8,ro;q=0.6,de;q=0.4,fr;q=0.2
Cache-Control:no-cache
Connection:keep-alive
Cookie:JSESSIONID=831EBC138D2B7E176DF4945ADA05CAC1;_ga=GA1.1.1046500342.1404228238; undefined=0
Host:localhost:8080
Pragma:no-cache
Upgrade-Insecure-Requests:1
User-Agent:Mozilla/5.0(Macintosh; Intel Mac OS X 10_8_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.155 Safari/537.36
不使用弹簧启动,我认为我错过了一个配置步骤。
I do not use spring boot and I presume I missed a configuration step.
推荐答案
当我在@Configuration注释类中没有@EnableWebMvc注释时,会出现问题。
我已经报告这个问题,作为Sping Jira中的一个错误,后面有详细信息: https: //jira.spring.io/browse/SPR-13857
I've reproduced this problem for myself. The problem happens when I don't have @EnableWebMvc annotation in my @Configuration annotated class. I've reported this problem as a bug in Sping Jira with details behind it: https://jira.spring.io/browse/SPR-13857
我在代码或文档中看到修复。文档修复将在@CrossOrigin类javadoc中声明@EnableWebMvc是必需的,但我更喜欢在代码中的修复,使得cors注释工作没有@EnableWebMvc。
I see the fix either in code or in documentation. Documentation fix would be to state in @CrossOrigin class javadoc that @EnableWebMvc is required, but I'd prefer the fix in code so that cors annotation works without @EnableWebMvc.
这篇关于Spring CORS控制器注释不工作的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!