方法一:拦截器interceptor(目前我用的方法)
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@Component
public class CrossOriginConfig implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o) {
// 预见命令的缓存时间为1个小时
httpServletResponse.setHeader("Access-Control-Max-Age", "3600");
httpServletResponse.setHeader("Access-Control-Allow-Origin", "*");
httpServletResponse.setHeader("Access-Control-Allow-Headers", "Content-Type,Content-Length, Authorization, Accept,X-Requested-With");
httpServletResponse.setHeader("Access-Control-Allow-Methods", "PUT,POST,GET,DELETE,OPTIONS");
httpServletResponse.setHeader("X-Powered-By", "Jetty");
String method = httpServletRequest.getMethod();
if ("OPTIONS".equals(method)) {
httpServletResponse.setStatus(200);
return false;
}
return true;
}
}
// 上面没其效果,可能需要webMvcConfigurer里面注入一下
@Configuration
public class WorkflowWebMvcConfig implements WebMvcConfigurer {
private final CrossOriginConfig crossOriginConfig;
@Autowired
public WorkflowWebMvcConfig(CrossOriginConfig crossOriginConfig) {
this.crossOriginConfig = crossOriginConfig;
}
//其他方法省略
}
方法二:过滤器filter
public class SimpleCORSFilter implements Filter{
@Override
public void destroy() {
}
@Override
public void doFilter(ServletRequest req, ServletResponse res,
FilterChain chain) throws IOException, ServletException {
HttpServletResponse response = (HttpServletResponse) res;
response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "x-requested-with");
chain.doFilter(req, res);
}
@Override
public void init(FilterConfig arg0) throws ServletException {
}
}
还可以单个接口里面修改(也可以把接口请求改成Get方式)
response.addHeader("Access-Control-Allow-Origin", "*");
response.addHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
response.setHeader("Access-Control-Allow-Headers", "x-requested-with");
response.addHeader("Access-Control-Max-Age", "1800");//30 min