spring boot配合前端实现跨域请求访问
一.方法:
- 服务端设置ResponeHeader头中Access-Control-Allow-Origin
- 配合前台使用jsonp
- 继承WebMvcConfigurerAdapter添加配置类
二.实例:
1.前端:因为我们用了前后端分离,前端用node服务器,node服务器再用了ajax反向代理请求到我的springboot服务器。其中node服务器也用了ajax发出请求所以也存在跨域的问题。具体代码:
app.all(apiRoot+'/*',proxy('127.0.0.1:'+proxyPort,{
forwardPath:function(req,res){
console.log('req:',req,'res;',res);
returnrequire('url').parse(req.url).path;
}
}));
后台(用的是springboot1.3.7.RELEASE):用了一个filter进行了身份验证同时进行了跨域处理,具体代码:
publicclassAuthFilterimplementsFilter{
//@Autowired
//这个不能自动注入servlet和filter是被tomcat管理的
privateBaseUserServicebaseUserService;
privateString[]excludePaths;
@Override
publicvoidinit(FilterConfigfilterConfig)throwsServletException{
System.out.println("initFilter");
//不能在初始化中通过AppliactionContext获取因为这时候还没初始化ApplicationContext
//baseUserService=SpringUtils.getBean("baseUserService",BaseUserService.class);
excludePaths=newString[]{"/api/user/noLogin","/api/user/tokenError","/api/user/loginForeground",
"/api/user/loginBackground","/api/user/inCorrectUserId"};
}
@Override
publicvoiddoFilter(ServletRequestrequest,ServletResponseresponse,FilterChainchain)throwsIOException,ServletException{
HttpServletRequesthttpServletRequest=(HttpServletRequest)request;
HttpServletResponsehttpServletResponse=(HttpServletResponse)response;
//这里填写你允许进行跨域的主机ip
httpServletResponse.setHeader("Access-Control-Allow-Origin","*");
//允许的访问方法
httpServletResponse.setHeader("Access-Control-Allow-Methods","POST,GET,PUT,OPTIONS,DELETE,PATCH");
//Access-Control-Max-Age用于CORS相关配置的缓存
httpServletResponse.setHeader("Access-Control-Max-Age","3600");
httpServletResponse.setHeader("Access-Control-Allow-Headers","Origin,X-Requested-With,Content-Type,Accept");
StringuserId=request.getParameter("userId");
Stringtoken=request.getParameter("token");
//有token的`
if(userId!=null&&token!=null){
try{
Integerid=Integer.parseInt(userId);
if(baseUserService==null)
baseUserService=SpringUtils.getBean("baseUserService",BaseUserService.class);
intstatus=baseUserService.checkLogin(id,token);
if(status==1){
chain.doFilter(request,response);
}elseif(status==0){
httpServletResponse.sendRedirect("/api/user/tokenError");
}elseif(status==-2){
httpServletResponse.sendRedirect("/api/user/inCorrectUserId");
}else{
httpServletResponse.sendRedirect("/api/user/noLogin");
}
}catch(NumberFormatExceptionexception){
httpServletResponse.sendRedirect("/api/user/inCorrectUserId");
}
}else{
Stringpath=httpServletRequest.getServletPath();
if(excludePath(path)){
chain.doFilter(request,response);
}else{
httpServletRequest.getRequestDispatcher("/api/user/noLogin").forward(request,response);
}
}
//((HttpServletResponse)response).addHeader("Access-Control-Allow-Origin","*");
//CorsFiltercorsFilter=newCorsFilter();
}
privatebooleanexcludePath(Stringpath){
for(inti=0;i
这种方法还适用于servlet中,特别注意的是一定要在filter动作之前加上这句话,也就是在代码的最前面加上这个话。
跨域资源共享CORS详解(相关链接)
2.详细请看(点开)
3.具体代码:
packageedu.ecnu.yjsy.conf;
importorg.springframework.context.annotation.Configuration;
importorg.springframework.web.servlet.config.annotation.CorsRegistry;
importorg.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
@Configuration
publicclassCorsConfigextendsWebMvcConfigurerAdapter{
@Override
publicvoidaddCorsMappings(CorsRegistryregistry){
registry.addMapping("/**")
.allowedOrigins("*")
.allowCredentials(true)
.allowedMethods("GET","POST","DELETE","PUT")
.maxAge(3600);
}
}
这里有个坑springboot以前的版本这样设置可以用但是我用的1.3.7.RELEASEspringboot不能用,所以用第二种方式是万能的
以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持毛票票。