Java 使用Spring MVC为所有API启用CORS
如何“轻松”配置SpringMVC,以便对应用程序中任何API的每个请求都返回magic CORS头Java 使用Spring MVC为所有API启用CORS,java,http,spring-mvc,cors,Java,Http,Spring Mvc,Cors,如何“轻松”配置SpringMVC,以便对应用程序中任何API的每个请求都返回magic CORS头 例如,使用@ControllerAdvice或使用常见的AOP建议。一种方法是使用拦截器类,如下所示: 为了代码的简洁性,我没有在设置拦截器时实现它 让我们为所有URL设置拦截器方法,如下所示: public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object
例如,使用
@ControllerAdvice
或使用常见的AOP建议。一种方法是使用拦截器类,如下所示:
- 为了代码的简洁性,我没有在设置拦截器时实现它
public boolean preHandle(HttpServletRequest request,
HttpServletResponse response, Object handler)
throws Exception {
request.setHeader(HttpHeaders.CONTENT_TYPE, "application/jsonp");
//OR
response.addHeader(HttpHeaders.CONTENT_TYPE, "application/jsonp");
response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "x-requested-with");
}
我们只需配置拦截器以满足控制器方法。
JSONP是CORS通信的首选格式之一 我通过以下步骤解决:
交易公司
cors过滤器
2.2.1
<filter>
<filter-name>CORS</filter-name>
<filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class>
<init-param>
<param-name>cors.allowGenericHttpRequests</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>cors.allowOrigin</param-name>
<param-value>*</param-value>
</init-param>
<init-param>
<param-name>cors.allowSubdomains</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>cors.supportedMethods</param-name>
<param-value>GET, HEAD, POST, DELETE, OPTIONS</param-value>
</init-param>
<init-param>
<param-name>cors.supportedHeaders</param-name>
<param-value>*</param-value>
</init-param>
<init-param>
<param-name>cors.supportsCredentials</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>cors.maxAge</param-name>
<param-value>3600</param-value>
</init-param>
</filter>
科尔斯
com.thetransactioncompany.cors.CORSFilter
cors.allowgenerichtt前传
真的
金鸡儿
*
cors.allowSubdomains
假的
cors.supportedMethods
获取、标题、发布、删除、选项
cors.supportedHeaders
*
cors.supportsCredentials
真的
科斯马克萨奇酒店
3600
<filter>
<filter-name>CORS</filter-name>
<filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class>
<init-param>
<param-name>cors.allowGenericHttpRequests</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>cors.allowOrigin</param-name>
<param-value>*</param-value>
</init-param>
<init-param>
<param-name>cors.allowSubdomains</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>cors.supportedMethods</param-name>
<param-value>GET, HEAD, POST, DELETE, OPTIONS</param-value>
</init-param>
<init-param>
<param-name>cors.supportedHeaders</param-name>
<param-value>*</param-value>
</init-param>
<init-param>
<param-name>cors.supportsCredentials</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>cors.maxAge</param-name>
<param-value>3600</param-value>
</init-param>
</filter>