1、参考文档:
https://www.jianshu.com/p/1ad4358beff7?utm_campaign=maleskine&utm_content=note&utm_medium=seo_notes&utm_source=recommendation
2、代码实例
package com.wangymd.cors; import java.io.IOException; import java.util.ArrayList; import java.util.List; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.slf4j.Logger; import org.slf4j.LoggerFactory; public class MyCorsFilter implements Filter { private final static Logger LOGGER = LoggerFactory.getLogger(TalentTagCorsFilter.class); @Override public void init(FilterConfig filterConfig) throws ServletException { } @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { //设置跨域请求 HttpServletResponse httpServletResponse = (HttpServletResponse) response; HttpServletRequest httpServletRequest = (HttpServletRequest) request; String origin = httpServletRequest.getHeader("Origin"); //来源头是啥就设置啥,相当于不设置过滤 httpServletResponse.setHeader("Access-Control-Allow-Origin", origin); LOGGER.error("CrossDomainFilter origin:{}", origin); //表示的是跨域的ajax中可以携带cookie,此时第一项设置不能为*,需指定域名 httpServletResponse.setHeader("Access-Control-Allow-Credentials", "true"); httpServletResponse.setHeader("Access-Control-Allow-Methods", "GET,POST,PUT,DELETE,OPTIONS"); httpServletResponse.setHeader("Access-Control-Allow-Headers", "Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since"); //表示在3600秒内,不需要再发送预检验请求,可以缓存该结果 httpServletResponse.setHeader("Access-Control-Max-Age", "3600"); //解决预检请求pre-flight的跨域 204表示是否成功,不返回内容 if ("OPTIONS".equals(httpServletRequest.getMethod())) { httpServletResponse.setStatus(org.apache.http.HttpStatus.SC_OK); return; } LOGGER.error("getParameterMap:{}", request.getParameterMap()); chain.doFilter(request, response); } @Override public void destroy() { } }
过滤器配置:
<!-- 跨域配置 --> <filter> <filter-name>crossFilter</filter-name> <filter-class>com.wangymd.cors.MyCorsFilter</filter-class> </filter> <filter-mapping> <filter-name>crossFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>
项目中使用WebMvcConfigurerAdapter未生效,所以采用javax.servlet.Filter方式。
WebMvcConfigurerAdapter未生效问题,待处理。。。