Reprinted from: http://blog.csdn.net/james_wade63/article/details/50772041
Cross-domain means that the server where the html file is located and the server requested by ajax are different ip+ports, for example:
- '192.168.1.1:8080' and '192.168.1.2:8080' are different domains.
- '192.168.1.1:8080' is a different domain than '192.168.1.1:8081'.
There are many ways to solve such problems, some need to be changed on both the client and the server, such as jsonp, iframe, etc.; some only need to be changed by the client, this situation can only appear in the development of hybrid app, that is, by calling The native method is used to make network requests; some only need the server configuration. The following three methods of server configuration are introduced.
The first
If the mvc framework you use is above spring 4.2, a @CrossOrigin can do it. Add @CrossOrigin to the Controller, then all requests of this Controller support cross-domain, the code is as follows:
@Controller
@CrossOrigin
public class GreetingController {
Add @CrossOrigin to the request method, then this request supports cross-domain, the code is as follows
@CrossOrigin
@RequestMapping("/greeting")
public @ResponseBody Greeting greeting(@RequestParam(required=false, defaultValue="World") String name) {
- 1
- 2
- 3
For a more detailed introduction to @CrossOrigin, see here
the second
Global configuration also requires spring 4.2 or above.
@Bean
public WebMvcConfigurer corsConfigurer() {
return new WebMvcConfigurerAdapter() {
@Override
public void addCorsMappings(CorsRegistry registry) {
registry.addMapping("/greeting-javaconfig").allowedOrigins("http://localhost:9000");
}
};
}
The parameter in .addCorsMappings() represents the url that supports cross-domain, and the parameter in .allowedOrigins() represents the domain name that can access the interface. Set to "*" to support all domains.
the third
This method has nothing to do with the framework. It requires two jar packages. Click here to download. The two jar packages can be placed in the program or in tomcat, and then write the following configuration into web.xml. span
< filter >
< filter-name > CORS </ filter-name >
< filter-class > com.thetransactioncompany.cors.CORSFilter </ filter-class >
< init-param >
< param-name > cors.allowOrigin </ param-name > <!--配置授信的白名单的域名!-->
< param-value > * </ param-value >
</ init-param >
< init-param >
< param-name > cors.supportedMethods </ param-name >
< param-value > GET, POST, HEAD, PUT, DELETE </ param-value >
</ init-param >
< init-param >
< param-name > cors.supportedHeaders </ param-name >
< param-value > Accept, Origin, X-Requested-With, Content-Type, Last-Modified </ param-value >
</ init-param >
< init-param >
< param-name > cors.exposedHeaders </ param-name >
< param-value > Set-Cookie </ param-value >
</ init-param >
< init-param >
< param-name > cors.supportsCredentials </ param-name >
< param-value > true </ param-value >
</ init-param >
</ filter >
< filter-mapping >
< filter-name > CORS </ filter-name >
< url-pattern > /* </ url-pattern >
</ filter-mapping >
Cross-domain means that the server where the html file is located and the server requested by ajax are different ip+ports, for example:
- '192.168.1.1:8080' and '192.168.1.2:8080' are different domains.
- '192.168.1.1:8080' is a different domain than '192.168.1.1:8081'.
There are many ways to solve such problems, some need to be changed on both the client and the server, such as jsonp, iframe, etc.; some only need to be changed by the client, this situation can only appear in the development of hybrid app, that is, by calling The native method is used to make network requests; some only need the server configuration. The following three methods of server configuration are introduced.
The first
If the mvc framework you use is above spring 4.2, a @CrossOrigin can do it. Add @CrossOrigin to the Controller, then all requests of this Controller support cross-domain, the code is as follows:
@Controller
@CrossOrigin
public class GreetingController {
Add @CrossOrigin to the request method, then this request supports cross-domain, the code is as follows
@CrossOrigin
@RequestMapping("/greeting")
public @ResponseBody Greeting greeting(@RequestParam(required=false, defaultValue="World") String name) {
- 1
- 2
- 3
For a more detailed introduction to @CrossOrigin, see here
the second
Global configuration also requires spring 4.2 or above.
@Bean
public WebMvcConfigurer corsConfigurer() {
return new WebMvcConfigurerAdapter() {
@Override
public void addCorsMappings(CorsRegistry registry) {
registry.addMapping("/greeting-javaconfig").allowedOrigins("http://localhost:9000");
}
};
}
The parameter in .addCorsMappings() represents the url that supports cross-domain, and the parameter in .allowedOrigins() represents the domain name that can access the interface. Set to "*" to support all domains.
the third
This method has nothing to do with the framework. It requires two jar packages. Click here to download. The two jar packages can be placed in the program or in tomcat, and then write the following configuration into web.xml. span
< filter >
< filter-name > CORS </ filter-name >
< filter-class > com.thetransactioncompany.cors.CORSFilter </ filter-class >
< init-param >
< param-name > cors.allowOrigin </ param-name > <!--配置授信的白名单的域名!-->
< param-value > * </ param-value >
</ init-param >
< init-param >
< param-name > cors.supportedMethods </ param-name >
< param-value > GET, POST, HEAD, PUT, DELETE </ param-value >
</ init-param >
< init-param >
< param-name > cors.supportedHeaders </ param-name >
< param-value > Accept, Origin, X-Requested-With, Content-Type, Last-Modified </ param-value >
</ init-param >
< init-param >
< param-name > cors.exposedHeaders </ param-name >
< param-value > Set-Cookie </ param-value >
</ init-param >
< init-param >
< param-name > cors.supportsCredentials </ param-name >
< param-value > true </ param-value >
</ init-param >
</ filter >
< filter-mapping >
< filter-name > CORS </ filter-name >
< url-pattern > /* </ url-pattern >
</ filter-mapping >