弹簧引导和CORS [英] Spring Boot and CORS
本文介绍了弹簧引导和CORS的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我在春天开机时遇到CORS问题。我已经这样配置CORS
@Configuration
@EnableWebMvc
类WebConfig扩展WebMvcConfigurerAdapter {
@Override
public void addCorsMappings(CorsRegistry注册表){
registry.addMapping(/ **);
}
}
我假设启用所有标题和其他东西。 / p>
它可以与GET请求一起使用。
$ .get(someUrl,function(data,status){
/ pre>
console.log(data [0] .latitude);
});
但是当我像这样做POST请求时
$ .ajax({
url:'someUrl',
type:'post',
dataType:'json',
crossDomain:true,
contentType:application / json; charset = utf-8,
success:function(data){
console.log(data);
},
data :object
});
我得到以下
选项XHRsomeUrl[HTTP / 1.1 403 Forbidden 4ms]
跨原始请求被阻止:同源策略不允许读取远程资源 someUrl。
(原因:CORS头'Access-Control-Allow-Origin'缺失)。
如何解决这个问题?
解决方案
使用spring-boot应用程序配置CORS过滤器的简单方法是使 em>这样:
@Component
public class SimpleCORSFilter implements Filter {
public void doFilter(ServletRequest req,ServletResponse res,FilterChain chain)throws IOException,ServletException {
HttpServletResponse response =(HttpServletResponse)res;
response.setHeader(Access-Control-Allow-Origin,*);
response.setHeader(Access-Control-Allow-Methods,POST,GET,PUT,OPTIONS,DELETE,PATCH);
response.setHeader(Access-Control-Max-Age,3600);
response.setHeader(Access-Control-Allow-Headers,Origin,X-Requested-With,Content-Type,Accept);
response.setHeader(Access-Control-Expose-Headers,Location);
chain.doFilter(req,res);
}
public void init(FilterConfig filterConfig){}
public void destroy(){}
}
使用 spring-boot 1.3.0 / p>
I facing issue with CORS in spring boot. I have configured CORS like this
@Configuration
@EnableWebMvc
public class WebConfig extends WebMvcConfigurerAdapter {
@Override
public void addCorsMappings(CorsRegistry registry) {
registry.addMapping("/**");
}
}
which I suppose enables all header and other stuff.
It works excellently with GET request
$.get("someUrl, function(data, status){
console.log(data[0].latitude);
});
But whenever I make POST request like this
$.ajax({
url: 'someUrl',
type: 'post',
dataType: 'json',
crossDomain: true,
contentType: "application/json; charset=utf-8",
success: function (data) {
console.log(data);
},
data: object
});
I get the following
OPTIONS XHR "someUrl" [HTTP/1.1 403 Forbidden 4ms]
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at "someUrl".
(Reason: CORS header 'Access-Control-Allow-Origin' missing).
How can I solve this issue?
解决方案
Simple way of configuring CORS filter with spring-boot app is to make @Component class which implements Filter like this:
@Component
public class SimpleCORSFilter implements Filter {
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
HttpServletResponse response = (HttpServletResponse) res;
response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Methods", "POST, GET, PUT, OPTIONS, DELETE, PATCH");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
response.setHeader("Access-Control-Expose-Headers", "Location");
chain.doFilter(req, res);
}
public void init(FilterConfig filterConfig) {}
public void destroy() {}
}
It works great with spring-boot 1.3.0
这篇关于弹簧引导和CORS的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文