springboot后端跨域

在项目当中,现在开发都是前后端分离,有时候会产生请求的跨域,这个时候一般的解决方案有两种,一种是基于nginx进行跨域配置,还有一种是后端通过实现filter来允许跨域,下面看一下通过filter实现的跨域代码:

@Component
@Order(Ordered.HIGHEST_PRECEDENCE)
public class CorsFilter implements Filter {

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {

        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;
        //设置请求允许跨域
        response.setHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, request.getHeader("Origin"));
        response.setHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
        //设置跨域-方法OK
        response.setHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, StringUtil.join(RequestMethod.values()));
        //设置跨域-请求头
        response.setHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, StringUtil.join(new String[]{
                HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS,
                HttpHeaders.CONTENT_TYPE,
                HttpHeaders.ACCEPT,
                HttpHeaders.ORIGIN}));

        /**
         * 预检查后,在 3600s 内不需要再预检查,直接进行请求
         */
        response.setHeader(HttpHeaders.ACCESS_CONTROL_MAX_AGE, "3600");

        /**
         * POST @RequestBody 类型参数接口会发一次 {@link RequestMethod#OPTIONS} 方式的请求进行预检查
         * 需要捕获(否则后端{@link HttpServletRequest#getRequestURI()} 没有对应的 {@link RequestMethod.OPTIONS} 请求方式)
         * 捕获后返回 {@link HttpStatus#SC_NO_CONTENT} 请求码即可
         */
        if (RequestMethod.OPTIONS.name().equals(request.getMethod())) {
            response.setStatus(HttpStatus.SC_NO_CONTENT);
        } else {
            chain.doFilter(req, res);
        }

    }

    @Override
    public void init(FilterConfig filterConfig) {
    }

    @Override
    public void destroy() {
    }

}

 

你可能感兴趣的:(随笔)