具体某个域名允许:
HttpServletResponse.setHeader("Access-Control-Allow-Origin", "http://a.com");所有都允许:
HttpServletResponse.setHeader("Access-Control-Allow-Origin", "*");可以写一个返回方法:
public void responseString(String data, HttpServletResponse response) {
response.setHeader("Access-Control-Allow-Origin", domainName);
response.setContentType("application/json; charset=UTF-8");
response.setCharacterEncoding("utf-8");
response.setHeader("Pragma", "No-cache");
response.setHeader("Cache-Control", "no-cache");
response.setDateHeader("Expires", 0);
PrintWriter pw = null;
try {
pw = response.getWriter();
pw.write(data);
} catch (IOException e) {
e.printStackTrace();
} finally {
if (pw != null) {
pw.flush();
pw.close();
}
}
}也可以写一个Interceptor:
public class CORSInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response,
Object handler) throws Exception {
response.addHeader("Access-Control-Allow-Origin", "http://www.a.com");
return true;
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response,
Object handler, ModelAndView modelAndView) throws Exception {
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response,
Object handler, Exception ex) throws Exception {
}
}然后在Spring配置文件中实例化此类:
<mvc:interceptor>
<mvc:mapping path="/**"/>
<bean class="com.test.CORSInterceptor"/>
</mvc:interceptor>参考链接:
https://blog.csdn.net/wo541075754/article/details/50696841