首发-java配置CORSFilter过滤器实现跨域

java配置CORSFilter过滤器实现跨域

很多时候登录跨域时候需要从cookie中获取session,记录一下获取方法

前端：

ajax写法：

$.ajax({
            url: "http://localhost:8080/",
            type: "GET",
            xhrFields: {
                withCredentials: true  //设置携带cookie跨域设置
            },
            crossDomain: true,
            success: function (data) {
                render(data);
            }
 });

 

axios写法：

axios({
url:"127.0.0.1",
method:"post",
data:{
id:id
},
withCredentials:true  //携带cookie跨域设置为true

}).then((res) => {
console.log(res);
}

后台写法：

添加过滤器，然后过滤方法：

HttpServletResponse response = (HttpServletResponse) servletResponse;  
		HttpServletRequest request = (HttpServletRequest) servletRequest;
        response.setHeader("Access-Control-Allow-Origin", request.getHeader("Origin"));  
        response.setHeader("Access-Control-Allow-Methods", "GET,POST,HEAD,PUT,DELETE");  
        response.setHeader("Access-Control-Max-Age", "3600");  
        response.setHeader("Access-Control-Allow-Headers", "Accept,Origin,X-Requested-With,Content-Type,X-Auth-Token");  
        response.setHeader("Access-Control-Allow-Credentials", "true");  
		chain.doFilter(servletRequest, servletResponse);

其中Access-Control-Allow-Origin不能设置为*，否则获取不到