springboot跨域问题解决方案

这篇文章主要介绍了springboot跨域问题解决方案,文中通过示例代码介绍的非常详细,对大家的学习或者工作具有一定的参考学习价值,需要的朋友可以参考下

springboot中的跨域问题,如果不注意的话,容易造成错误,本次springboot版本为2.13

前端错误信息:

Access to XMLHttpRequest at 'http://localhost:8080/user/loginOn' from origin 'http://localhost:8082' has been blocked by CORS policy:
Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

第一种:是在每个Controller里,加上注解:@CrossOrigin

import javax.validation.Valid;
@CrossOrigin
@RestController
@RequestMapping("/user")
public class UserController{

也可以在方法上加上,比如这样,这样针对具体的方法

 @CrossOrigin
  @ApiOperation(value = "用户登录",notes = "")
  @PostMapping("/loginOn")
  public ResponseMessage loginOn(@RequestBody @Valid UserReq userReq){

每一个Controller这样写也是很麻烦。

第二种:是实现WebMvcConfigurer接口,在接口中进行跨域支持

以前可以继承WebMvcConfigurerAdapter,springboot2.x版本已经将其@Deprecated

我们直接实现接口:

@Configuration
public class WebConfig implements WebMvcConfigurer {

  /**
   * 跨域支持
   * @param registry
   */
  @Override
  public void addCorsMappings(CorsRegistry registry) {
    registry.addMapping("/**")
        .allowedOrigins("*")
        .allowCredentials(true)
        .allowedMethods("GET", "POST", "DELETE", "PUT")
        .maxAge(3600 * 24);
  }

但使用这种方法,我今天遇到一个坑,我准备在拦截器里面对用户的请求进行拦截

@Component
public class RequestInterceptor implements HandlerInterceptor {
  @Override
  public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
    Object loginUser = request.getSession().getAttribute("token");
    if(loginUser == null){
        //自定义的异常类,这里抛出异常,交给全局异常捕捉类处理
      throw new ServiceException("没有权限,请先登录!");
    }else{
      return true;
    }
  }

  @Override
  public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {

  }

  @Override
  public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {

  }
}

全局异常捕捉类:

@RestControllerAdvice
public class GlobleExceptionHandler {
  @ExceptionHandler(value = ServiceException.class)
  public ResponseMessage caughtException(ServiceException e){

    return new ResponseMessage(e.getMsg());
  }
}

ResponseMessage 是自定义的统一的响应信息类:

ResponseMessage

@Data
public class ResponseMessage {
  private Integer Code;
  private String msg;
  private Integer count;
  private Object data;

  public ResponseMessage(Object data) {
    this.data = data;
  }

  public ResponseMessage(String msg) {
    this.msg = msg;
  }

  public ResponseMessage(Integer code, String msg) {
    Code = code;
    this.msg = msg;
  }

  public ResponseMessage(Integer code, String msg, Integer count) {
    Code = code;
    this.msg = msg;
    this.count = count;
  }

  public ResponseMessage(Integer code, String msg, Integer count, Object data) {
    Code = code;
    this.msg = msg;
    this.count = count;
    this.data = data;
  }

  public static ResponseMessage success(String msg){
    return new ResponseMessage(200,msg);
  }

  public static ResponseMessage fail(Integer code,String msg){
    return new ResponseMessage(code,msg);
  }
}

通过这样的处理发现,前端一直报跨域异常问题,这时候有了第三种方法

第三种:使用CorsFilter过滤器:

写一个MyCorsConfig 配置类

@Configuration
public class MyCorsConfig {

  @Bean
  public CorsFilter corsFilter() {

    CorsConfiguration corsConfiguration = new CorsConfiguration();
    corsConfiguration.addAllowedOrigin("*");
    corsConfiguration.addAllowedHeader("*");
    corsConfiguration.addAllowedMethod("*");
    corsConfiguration.setAllowCredentials(true);
    corsConfiguration.setMaxAge(3600L);

    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    source.registerCorsConfiguration("/**", corsConfiguration);
    FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
    //设置过滤器的顺序
    bean.setOrder(0);
    return new CorsFilter(source);
  }
}

最终解决本次demo的跨域问题。

以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持菜鸟教程(cainiaojc.com)。

声明:本文内容来源于网络,版权归原作者所有,内容由互联网用户自发贡献自行上传,本网站不拥有所有权,未作人工编辑处理,也不承担相关法律责任。如果您发现有涉嫌版权的内容,欢迎发送邮件至:notice#cainiaojc.com(发邮件时,请将#更换为@)进行举报,并提供相关证据,一经查实,本站将立刻删除涉嫌侵权内容。