Project with Springboot write, and client interaction using http + json model, in order to obtain the requested data among the interceptor, which some signature verification, we refer to the online posts, joined RepeatedlyReadRequestWrapper.
If you do not join, we got them in the interceptor from the stream among data, to which the Controller, the data request which had already been cleared.
The reason for this increase is to request for some time to come, we have to get them from the stream data, and then through this RepeatedlyReadRequestWrapper copy of the data which put reflux, so you can get the data of the Controller.
This process is not a special post, a lot online. The following link you can
https://www.cnblogs.com/alter888/p/8919865.html
And for cross-domain configuration, we only need to build a CorsFilter, the main code is as follows:
After the addition of such a cross-domain, combined with the above-mentioned RepeatedlyReadRequestWrapper, we found that the presence of H5 or request cross-domain issue - specific problem, because each project kind of nervous, so we decided to adopt the following practices:
H5 request for a specific path, and do not walk sign interceptor unified experience for these paths, we still use ordinary ServletRequest request, so the interceptor does not take data directly to the Controller to pick up, so-called test also need to sign in to Controller I do sign such a test code, there will be at least two entrances, which for writing code, it is extremely bad.
Today, through the front and communication, we found that the original cross-domain requests H5, it will first send an OPTIONS request, after finished, will be a real request.
If it is because of this reason, it is much easier to solve the problem, as long as the request is received OPTIONS interceptor among direct return success.
Also in RepeatedlyReadRequestWrapper filter corresponding RepeatedlyReadFilter adding the following code:
then go directly ServletRequest request.
So far, cross-domain issues among the problems Springboot solve!
As for the SpringCloud layer gateway also cover how to solve the problem of cross-domain, and then cross-domain security issues which need attention, the other posts say.
