Spring Boot、SpringMVC 跨域問題解決
阿新 • • 發佈:2018-12-14
#####服務端跨域問題很常見,一下兩個方法經本人實測有效
###方法一、單獨對某個介面增加跨域配置,只對當前介面有效 在Controller層增加註解
@CrossOrigin(origins = "*", maxAge = 3600)
###方法二、全域性配置 1.配置檔案繼承 WebMvcConfigurerAdapter 2.攔截器繼承 HandlerInterceptorAdapter
@Configuration public class ApiConfig extends WebMvcConfigurerAdapter { @Override public void configureMessageConverters(List<HttpMessageConverter<?>> list) { FastJsonHttpMessageConverter fastJsonConverter = new FastJsonHttpMessageConverter(); FastJsonConfig fastConf = new FastJsonConfig(); fastConf.setSerializerFeatures(SerializerFeature.PrettyFormat); fastJsonConverter.setFastJsonConfig(fastConf); list.add(fastJsonConverter); super.configureMessageConverters(list); } @Bean public HandlerInterceptor getAuthorizationInterceptor() { return new AuthorizationInterceptor(); } /** * 新增攔截器 * * @param registry */ @Override public void addInterceptors(InterceptorRegistry registry) { registry.addInterceptor(getAuthorizationInterceptor()); super.addInterceptors(registry); } /** * 解決跨域問題 * * @param registry */ @Override public void addCorsMappings(CorsRegistry registry) { registry.addMapping("/**") .allowedHeaders("*") .allowCredentials(true) .allowedMethods("*") .allowedOrigins("*"); }
攔截器介面卡HandlerInterceptorAdapter
/** * 訪問token驗證 * * @author jackspeed */ public class AuthorizationInterceptor extends HandlerInterceptorAdapter { /** * 快取操作 */ @Autowired RedisTemplate redisTemplate; @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { if (handler instanceof HandlerMethod) { String url = request.getHeader("Origin"); if (!StringUtils.isEmpty(url)) { String val = response.getHeader("Access-Control-Allow-Origin"); if (StringUtils.isEmpty(val)) { response.addHeader("Access-Control-Allow-Origin", url); } else { response.setHeader("Access-Control-Allow-Origin", "*"); } } response.setContentType("application/json;charset=UTF-8"); response.addHeader("Access-Control-Allow-Credentials", "true"); response.setHeader("Access-Control-Allow-Methods", "POST,GET,OPTIONS,DELETE"); response.setHeader("Access-Control-Max-Age", "3600"); response.addHeader("Access-Control-Allow-Headers", "Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With"); AccessSecret access = ((HandlerMethod) handler).getMethodAnnotation(AccessSecret.class); //TODO: return super.preHandle(request, response, handler); } @Override public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception { } @Override public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception { } }