最近开发过程中遇到了⼀个问题,之前没有太注意,这⾥记录⼀下。我⽤的SpringBoot版本是2.0.5,在跟前端联调的时候,有个请求因为⽤户权限不够就被拦截器拦截了,拦截器拦截之后打印⽇志然后response了⼀个错误返回了,但是前端Vue.js⼀直报如下跨域的错误,但是我是配置了跨域的。
has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.我的拦截器中代码如下:
private void writeResponse(HttpServletResponse response, ResponseResult respResult, JSONObject reqParams) { PrintWriter writer = null; try {
response.setCharacterEncoding(\"UTF-8\");
response.setContentType(\"application/json; charset=utf-8\"); writer = response.getWriter();
writer.write(JSON.toJSONString(respResult)); writer.flush();
} catch (Exception e) {
log.error(\"拦截器响应异常,respJson:\"+reqParams, e); } finally{
if(writer != null){ writer.close(); } }}
我的拦截器是通过实现WebMvcConfigurer接⼝,然后重新其addCorsMappings(CorsRegistry registry)⽅法添加跨域设置的,具体如下所⽰:
@Configuration
public class InterceptorConfig implements WebMvcConfigurer {
@Bean
public UserCenterInterceptor userTokenInterceptor() { return new UserCenterInterceptor(); }
@Override
public void addCorsMappings(CorsRegistry registry) { registry.addMapping(\"/**\")
.allowedMethods(\"GET\ .allowedOrigins(\"你要设置的域名\") .allowedHeaders(\"*\") .allowCredentials(true);
WebMvcConfigurer.super.addCorsMappings(registry); }}
原因是请求经过的先后顺序问题,请求会先进⼊到⾃定义拦截器中,⽽不是进⼊Mapping映射中,所以返回的头信息中并没有配置的跨域信息,浏览器就会报跨域异常。
正确的设置跨域的⽅式是通过CorsFilter过滤器,具体代码如下:
@Configuration
public class CorsConfig {
private CorsConfiguration buildConfig() {
CorsConfiguration corsConfiguration = new CorsConfiguration(); corsConfiguration.addAllowedOrigin(\"*\"); corsConfiguration.addAllowedHeader(\"*\"); corsConfiguration.addAllowedMethod(\"*\"); corsConfiguration.setAllowCredentials(true); return corsConfiguration; }
@Bean
public CorsFilter corsFilter() {
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); source.registerCorsConfiguration(\"/**\ return new CorsFilter(source); }
}
完美解决了坑,很开森,哈哈哈继续⾏⾛在踩坑的路上。。。。。。
到此这篇关于Springboot处理配置CORS跨域请求时碰到的坑的⽂章就介绍到这了,更多相关Springboot CORS跨域请求内容请搜索以前的⽂章或继续浏览下⾯的相关⽂章希望⼤家以后多多⽀持!
因篇幅问题不能全部显示,请点此查看更多更全内容