Interceptors handle cross-domain
package com.cn.zx.config;
import org.springframework.web.servlet.HandlerInterceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* Interceptor拦截器
* describe: 拦截器的preHandle方法,预先处理客户端的各种请求
* current user Maochao.zhu
* current system 2020/11/6
*/
public class CrossInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o) throws Exception {
System.out.println("####################CrossInterceptor="+o);
// 跨域资源共享( cors )
String origin = httpServletRequest.getHeader("Origin");
//允许谷歌cookie
httpServletResponse.setHeader("Set-Cookie", "HttpOnly;Secure;SameSite=None");
httpServletResponse.setHeader("Access-Control-Allow-Origin", origin);
//允许的方法
httpServletResponse.setHeader("Access-Control-Allow-Methods", "*");
//允许的头部参数
httpServletResponse.setHeader("Access-Control-Allow-Headers", "Origin,Content-Type,Accept,X-os,X-uid,X-token,X-role,X-Requested-With");
//用户代理是否应该在跨域请求的情况下从其他域发送cookies
httpServletResponse.setHeader("Access-Control-Allow-Credentials", "true");
return true;
}
}
Load cross domain interceptor
package com.cn.zx.config;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
/**
* describe: 加载跨域拦截器
* current user Maochao.zhu
* current system 2020/11/6
*/
@Configuration
@EnableWebMvc
public class WebAppConfig extends WebMvcConfigurerAdapter {
@Override
public void addInterceptors(InterceptorRegistry registry) {
System.out.println("####################WebAppConfig="+registry);
//跨域拦截器
registry.addInterceptor(new CrossInterceptor()).addPathPatterns("/**");
super.addInterceptors(registry);
}
}
springboot configuration cross domain support 1
package com.cn.zx.config;
/**
* describe: 跨域支持
* current user zhumaochao
* current system 2019/11/7
*/
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.Ordered;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;
import java.util.Arrays;
import java.util.List;
@Configuration
public class CorsConfig {
@Bean
public FilterRegistrationBean corsFilter() {
System.out.println(123456);
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
CorsConfiguration config = new CorsConfiguration();
config.setAllowCredentials(true);
// 可以设置部分地址可以进行访问
List<String> origins = Arrays.asList("http://localhost");
config.setAllowedOrigins(origins);
// 设置所有地址的请求都可以
config.addAllowedOrigin("*");
// 可以设置允许部分请求头信息
// List<String> headers = Arrays.asList("Authorization", "Access-Control-Allow-Origin", "Access-Control-Allow-Credentials", "Content-Type", "Access-Control-Request-Method", "Access-Control-Request-Headers");
// config.setAllowedHeaders(headers);
// 设置为允许所有请求头信息
config.addAllowedHeader("*");
// 可以设置只支持部分请求方式
// List<String> methods = Arrays.asList("GET","POST","HEAD","OPTIONS","PUT");
// config.setAllowedMethods(methods);
// 设置为支持所有请求方式
config.addAllowedMethod("*");
// 可以设置部分请求路径才可以进行访问
// source.registerCorsConfiguration("/cors/**",config);
// 设置所有的请求路径都可以访问
source.registerCorsConfiguration("/**", config);
FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
//设置优先级为最高
bean.setOrder(Ordered.HIGHEST_PRECEDENCE);
return bean;
}
// private CorsConfiguration buildConfig() {
// System.out.println("==============CorsConfig==1111111111======");
// CorsConfiguration corsConfiguration = new CorsConfiguration();
// corsConfiguration.addAllowedOrigin("*");
// corsConfiguration.addAllowedHeader("*");
// corsConfiguration.addAllowedMethod("*");
// corsConfiguration.setMaxAge(3600L); // 预检请求的有效期,单位为秒。
// corsConfiguration.setAllowCredentials(true);// 是否支持安全证书(必需参数)
// return corsConfiguration;
// }
//
// @Bean
// public CorsFilter corsFilter() {
// UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
// source.registerCorsConfiguration("/**", buildConfig());
// return new CorsFilter(source);
// }
}
Cross-domain support 2
package com.cn.zx.config;
/**
* describe: 跨域支持
* current user zhumaochao
* current system 2019/11/7
*/
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.CorsRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
@Configuration
public class CorsConfigurer extends WebMvcConfigurerAdapter {
@Override
public void addCorsMappings(CorsRegistry registry) {
System.out.println("------------------CorsConfigurer----------"+registry);
registry.addMapping("/**").allowedOrigins("*")
.allowedMethods("GET", "HEAD", "POST", "PUT", "DELETE", "OPTIONS")
.allowCredentials(true) .maxAge(3600) .allowedHeaders("*");
}
}
Cross-domain support 3
package com.cn.zx.config;
/**
* describe: 跨域支持
* current user zhumaochao
* current system 2019/11/7
*/
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;
@Configuration
public class CorsConfig {
private CorsConfiguration buildConfig() {
CorsConfiguration corsConfiguration = new CorsConfiguration();
corsConfiguration.addAllowedOrigin("*");
corsConfiguration.addAllowedHeader("*");
corsConfiguration.addAllowedMethod("*");
corsConfiguration.setMaxAge(3600L); // 预检请求的有效期,单位为秒。
corsConfiguration.setAllowCredentials(true);// 是否支持安全证书(必需参数)
return corsConfiguration;
}
@Bean
public CorsFilter corsFilter() {
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", buildConfig());
return new CorsFilter(source);
}
}
Set cross domain in filter
package com.cn.zx.config;
import org.springframework.stereotype.Component;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
/**
* describe:在过滤器中设置响应头
*/
@Component
@WebFilter(urlPatterns = "/*",filterName = "CorsFilter")
public class CorsFilter implements Filter {
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
HttpServletResponse response = (HttpServletResponse) res;
response.setHeader("Set-Cookie", "HttpOnly;Secure;SameSite=None");
response.setHeader("Access-Control-Allow-Origin","*");
response.setHeader("Access-Control-Allow-Credentials", "true");
response.setHeader("Access-Control-Allow-Methods", "POST, GET, PATCH, DELETE, PUT");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
chain.doFilter(req, response);
}
@Override
public void init(FilterConfig filterConfig) {}
@Override
public void destroy() {}
}
{{o.name}}
{{m.name}}