Java 浏览器上说;请求已被CORS策略“阻止”;使用axios从react js调用spring boot get方法时
也许这个问题是重复的,但我没有通过阅读任何帖子来解决这个问题 当使用postman向报头添加令牌来执行get请求时,它将返回正确的响应。但它不适用于react js。这是我的axios获取请求Java 浏览器上说;请求已被CORS策略“阻止”;使用axios从react js调用spring boot get方法时,java,reactjs,spring-boot,axios,jwt,Java,Reactjs,Spring Boot,Axios,Jwt,也许这个问题是重复的,但我没有通过阅读任何帖子来解决这个问题 当使用postman向报头添加令牌来执行get请求时,它将返回正确的响应。但它不适用于react js。这是我的axios获取请求 axios .get("http://localhost:8080/vehicle/vehicle", { headers: { authorization: AuthStr, }, }) .then((response) => respo
axios
.get("http://localhost:8080/vehicle/vehicle", {
headers: {
authorization: AuthStr,
},
})
.then((response) => response.data)
.then(
(data) => {
console.log(data);
this.setState({ Vehicles: data });
},
(error) => {
alert(error);
//localStorage.clear();
}
);
我还向控制器添加了@CrossOrigin,如下所示
@RestController
@RequestMapping("/vehicle")
@CrossOrigin(origins = "http://localhost:3000")
public class VehicleController {}
这是我的配置方法
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
// We don't need CSRF for this example
httpSecurity.csrf().disable()
// dont authenticate this particular request
.authorizeRequests().antMatchers("/authenticate","/user/registerUser","/user/regUser").permitAll().
// all other requests need to be authenticated
anyRequest().authenticated().and().
// make sure we use stateless session; session won't be used to
// store user's state.
exceptionHandling().authenticationEntryPoint(jwtAuthenticationEntryPoint).and().sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
// Add a filter to validate the tokens with every request
httpSecurity.addFilterBefore(jwtRequestFilter, UsernamePasswordAuthenticationFilter.class);
}
像这样更改您的配置方法
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
httpSecurity.csrf().disable().authorizeRequests().antMatchers("/authenticate","/user/registerUser","/user/regUser").permitAll().requestMatchers(CorsUtils::isPreFlightRequest).permitAll().
// all other requests need to be authenticated
anyRequest().authenticated().and().
// make sure we use stateless session; session won't be used to
// store user's state.
exceptionHandling().authenticationEntryPoint(jwtAuthenticationEntryPoint).and().sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
// Add a filter to validate the tokens with every request
httpSecurity.addFilterBefore(jwtRequestFilter,
UsernamePasswordAuthenticationFilter.class);
}