1、第一种:
public class CorsFilter extends OncePerRequestFilter {
static final String ORIGIN = \"Origin\";
protected void doFilterInternal(
HttpServletRequest request,
HttpServletResponse response,
FilterChain filterChain) throws ServletException, IOException {
String origin = request.getHeader(ORIGIN);
response.setHeader(\"Access-Control-Allow-Origin\", \"*\");//* or origin as u prefer
response.setHeader(\"Access-Control-Allow-Credentials\", \"true\");
response.setHeader(\"Access-Control-Allow-Methods\", \"PUT, POST, GET, OPTIONS, DELETE\");
response.setHeader(\"Access-Control-Max-Age\", \"3600\");
response.setHeader(\"Access-Control-Allow-Headers\", \"content-type, authorization\");
if (request.getMethod().equals(\"OPTIONS\"))
response.setStatus(HttpServletResponse.SC_OK);
else
filterChain.doFilter(request, response);
}
}
@Bean
public CorsFilter corsFilter() throws Exception {
return new CorsFilter();
}
http
.addFilterBefore(corsFilter(), UsernamePasswordAuthenticationFilter.class)
.addFilterBefore(authenticationTokenFilterBean(), UsernamePasswordAuthenticationFilter.class)
.headers()
.cacheControl();
2、第二种:
@Configuration
public class CorsConfig {
@Bean
public FilterRegistrationBean corsFilter() {
Url dCorsConfigurationSource source = new Url dCorsConfigurationSource();
CorsConfiguration config = new CorsConfiguration();
config.setAllowCredentials(true);
// 设置你要允许的网站域名,如果全允许则设为 *
config.addAllowedOrigin(\"http://localhost:4200\");
// 如果要限制 HEADER 或 METHOD 请自行更改
config.addAllowedHeader(\"*\");
config.addAllowedMethod(\"*\");
source.registerCorsConfiguration(\"/**\", config);
FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
// 这个顺序很重要哦,为避免麻烦请设置在最前
bean.setOrder(0);
return bean;
}
}
以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持脚本之家。
继续阅读与本文标签相同的文章
上一篇 :
Java 最困扰你的那些事
下一篇 :
短网址系统的原理及其实现
-
不写代码也能玩转AI,uber最新开源项目了解一下?
2026-05-19栏目: 教程
-
MySQL从5.6到8.0并行复制的演进
2026-05-19栏目: 教程
-
RPA市场迅速升温的背后
2026-05-19栏目: 教程
-
Node中Buffer的初始化及回收
2026-05-19栏目: 教程
-
还在关注“宏颜获水”?DuerOS 5.0让你更惊讶
2026-05-19栏目: 教程