我正试图通过本教程学习spring:
https://spring.io/guides/tutorials/react-and-spring-data-rest/
但我把前端应用程序作为一个单独的应用程序。拨打以下电话时:http://localhost:8080/api/employees
如何在全球范围内启用CORS?谢谢
在应用中试用:
@Bean
public WebMvcConfigurer configurer()
{
return new WebMvcConfigurer()
{
@Override
public void addCorsMappings(CorsRegistry registry)
{
registry.addMapping("/api/*").allowedOrigins("http://localhost:8000");
}
};
}
但这对没有帮助
用自定义@RestController做了一些测试,比如这里:
https://spring.io/guides/gs/rest-service-cors/#global-cors配置和呼叫http://localhost:8080/api/greeting从外部前端应用程序运行良好,只有那些通过spring自动生成的休息端点CRUD才不允许CORS。。如何避免这个问题?
尝试将其添加到主应用程序类文件中:
@Bean
public FilterRegistrationBean corsFilter() {
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
CorsConfiguration config = new CorsConfiguration();
config.setAllowCredentials(true);
config.addAllowedOrigin("*");
config.addAllowedHeader("*");
config.addAllowedMethod("*");
source.registerCorsConfiguration("/**", config);
FilterRegistrationBean bean = new FilterRegistrationBean<>(new CorsFilter(source));
bean.setOrder(0);
return bean;
}
添加:
import org.springframework.stereotype.Component;
import javax.servlet.*;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
/**
* Note this is a very simple CORS filter that is wide open.
* This would need to be locked down.
* Source: https://stackoverflow.com/questions/39565438/no-access-control-allow-origin-error-with-spring-restful-hosted-in-pivotal-web
*/
@Component
public class CORSFilter implements Filter {
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
HttpServletResponse response = (HttpServletResponse) res;
response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Methods", "POST, GET, PUT, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
chain.doFilter(req, res);
}
public void init(FilterConfig filterConfig) {}
public void destroy() {}
}
帮助
@Configuration
@EnableWebMvc
public class WebConfig implements WebMvcConfigurer {
@Override
public void addCorsMappings(CorsRegistry registry) {
registry.addMapping("/**")
.allowedOrigins("*")
.allowedMethods("*")
.maxAge(3600L)
.allowedHeaders("*")
.exposedHeaders("Authorization")
.allowCredentials(true);
}
}