- 问题:
‘http://xxxxx.yyyyy.com’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on on the requested resource. - The reason:
there is cross-domain issues - Solution:
In fact,
SpringMVChas been written to help usCORScross-domain filters:CorsFilterinterior has been achieved just mentioned decision logic, we directly use the output.
Inexcellent-gatewaywriting a configuration class, and registration CorsFilter:
Write CorsConfig profile in the routing gateway project, as shown below:
@Configuration
public class ExcellentCorsConfig {
@Bean
public CorsFilter corsFilter() {
//1.添加CORS配置信息
CorsConfiguration config = new CorsConfiguration();
//1) 允许的域,不要写*,否则cookie就无法使用了
config.addAllowedOrigin("http://manage.leyou.com");
//2) 是否发送Cookie信息
config.setAllowCredentials(true);
//3) 允许的请求方式
config.addAllowedMethod("OPTIONS");
config.addAllowedMethod("HEAD");
config.addAllowedMethod("GET");
config.addAllowedMethod("PUT");
config.addAllowedMethod("POST");
config.addAllowedMethod("DELETE");
config.addAllowedMethod("PATCH");
// 4)允许的头信息
config.addAllowedHeader("*");
//2.添加映射路径,我们拦截一切请求
UrlBasedCorsConfigurationSource configSource = new UrlBasedCorsConfigurationSource();
configSource.registerCorsConfiguration("/**", config);
//3.返回新的CorsFilter,参数:cors的配置员对象
return new CorsFilter(configSource);
}
}
