已被 CORS 政策阻止:对预检请求的响应未通过 [英] has been blocked by CORS policy: Response to preflight request doesn't pass

查看：135 发布时间：2021/11/8 23:36:14 java spring spring-boot authentication angular7

本文介绍了已被 CORS 政策阻止:对预检请求的响应未通过的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

我已经创建了一个使用 angular 和 springboot 进行基本身份验证的应用程序，但我收到了 401 错误..我是 springboot 的新手

@Configuration@EnableWebSecurity公共类 SpringSecurityConfigurationBasicAuth 扩展了 WebSecurityConfigurerAdapter{@覆盖protected void configure(HttpSecurity http) 抛出异常 {http.csrf().disable().authorizeRequests().antMatchers(HttpMethod.OPTIONS,"/**").permitAll().anyRequest().authenticated().和()//.formLogin().and().httpBasic();}}

<块引用>

"访问 XMLHttpRequest 在 'http://localhost:8080/hello-world/path-variable/MSD' from origin 'http://localhost:4200' 已被阻止CORS 策略:对预检请求的响应未通过访问控制检查:它没有 HTTP ok 状态."

解决方案

您可以尝试以下方法在controller的顶部，您可以添加@CrossOrigin(origins = "*", allowedHeaders = "*") 或根据需要自定义

<预><代码>...@CrossOrigin(origins = "*", allowedHeaders = "*")@RestController公共类用户控制器{//方法}...

请尝试上述解决方案，如果这不起作用，请告诉我

编辑 1:您还可以尝试使用 CORS 选项创建过滤器:

import java.io.IOException;导入 javax.servlet.Filter;导入 javax.servlet.FilterChain;导入 javax.servlet.FilterConfig;导入 javax.servlet.ServletException;导入 javax.servlet.ServletRequest;导入 javax.servlet.ServletResponse;导入 javax.servlet.http.HttpServletResponse;导入 org.slf4j.Logger;导入 org.slf4j.LoggerFactory;导入 org.springframework.core.annotation.Order;导入 org.springframework.stereotype.Component;@成分@订单(1)公共类 SimpleCORSFilter 实现过滤器 {私有最终记录器日志 = LoggerFactory.getLogger(SimpleCORSFilter.class);公共 SimpleCORSFilter() {log.info("SimpleCORSFilter init");}@覆盖public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)抛出 IOException，ServletException {//HttpServletRequest request = (HttpServletRequest) req;HttpServletResponse 响应 = (HttpServletResponse) res;response.setHeader("Access-Control-Allow-Origin", "*");response.setHeader("Access-Control-Allow-Credentials", "true");response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");response.setHeader("Access-Control-Max-Age", "3600");response.setHeader("Access-Control-Allow-Headers", "Content-Type, Accept, X-Requested-With, remember-me");chain.doFilter(req, res);}@覆盖公共无效初始化(FilterConfig filterConfig){}@覆盖公共无效销毁(){}}

请尝试使用 filters 方法，如果它不起作用请告诉我

I have created one app using angular and springboot for basic authentication with spring security but i am getting 401 error ..i am novice in springboot

@Configuration
@EnableWebSecurity
public class SpringSecurityConfigurationBasicAuth extends WebSecurityConfigurerAdapter{ 

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .csrf().disable()
            .authorizeRequests()
            .antMatchers(HttpMethod.OPTIONS,"/**").permitAll()
                .anyRequest().authenticated()
                .and()
            //.formLogin().and()
            .httpBasic();
    }
}

"Access to XMLHttpRequest at 'http://localhost:8080/hello-world/path-variable/MSD' from origin 'http://localhost:4200' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status."

解决方案

You could try the following At the top of the controller, you can add @CrossOrigin(origins = "*", allowedHeaders = "*") or customise if required

...
@CrossOrigin(origins = "*", allowedHeaders = "*")
@RestController
public class UserController {
    // Methods
}
...

Please try above solution and let me know if this doesnt work

EDIT 1: You could also try to create a filter with CORS options:

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Component;

@Component
@Order(1)
public class SimpleCORSFilter implements Filter {

    private final Logger log = LoggerFactory.getLogger(SimpleCORSFilter.class);

    public SimpleCORSFilter() {
        log.info("SimpleCORSFilter init");
    }

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {

        // HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;

        response.setHeader("Access-Control-Allow-Origin", "*");
        response.setHeader("Access-Control-Allow-Credentials", "true");
        response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
        response.setHeader("Access-Control-Max-Age", "3600");
        response.setHeader("Access-Control-Allow-Headers", "Content-Type, Accept, X-Requested-With, remember-me");

        chain.doFilter(req, res);
    }

    @Override
    public void init(FilterConfig filterConfig) {
    }

    @Override
    public void destroy() {
    }

}

Please try with the filters method and let me know if it doesn't work

这篇关于已被 CORS 政策阻止:对预检请求的响应未通过的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！

查看全文

已被 CORS 政策阻止:对预检请求的响应未通过 [英] has been blocked by CORS policy: Response to preflight request doesn't pass

问题描述

相关文章

Java开发最新文章

热门教程

热门工具

登录关闭

已被 CORS 政策阻止:对预检请求的响应未通过 [英] has been blocked by CORS policy: Response to preflight request doesn&#39;t pass

问题描述

相关文章

Java开发最新文章

热门教程

热门工具

登录 关闭

已被 CORS 政策阻止:对预检请求的响应未通过 [英] has been blocked by CORS policy: Response to preflight request doesn't pass

登录关闭