1.甚么这时候会造成布吕马难题?
看呵呵他们的url共同组成:
协定://搜索引擎:freenode ?模块主要就又三者共同组成
当中 协定的转换,搜索引擎的转换,freenode的转换单厢导致布吕马难题类似于如下表所示:
软件系统
后端软件系统
采用JSONP方式同时实现布吕马初始化;采用NodeJS伺服器作为服务项目全权,后端发动允诺到NodeJS伺服器, NodeJS伺服器全权转贴允诺到后端伺服器;后端软件系统
nginx逆向全权化解布吕马服务项目器端增设Response Header(积极响应颈部)的Access-Control-Allow-Origin在须要布吕马出访的类和方式中增设容许布吕马出访(如Spring中采用@CrossOrigin注释);承继采用Spring Web的CorsFilter(适用于于Spring MVC、Spring Boot)同时实现WebMvcConfigurerUSB(适用于于Spring Boot)具体内容形式
一、采用Filter形式展开增设
采用Filter冷却系统来过滤器服务项目允诺,向允诺端增设Response Header(积极响应颈部)的Access-Control-Allow-Origin特性新闻稿容许布吕马出访。
@WebFilterpublic class CorsFilter implements Filter { @Override public void doFilter( ServletRequest req, ServletResponse res, FilterChain chain ) throws IOException, ServletException{ HttpServletResponse response = (HttpServletResponse) res; response.setHeader(“Access-Control-Allow-Origin”, “*” ); response.setHeader( “Access-Control-Allow-Methods”, “*” ); response.setHeader( “Access-Control-Max-Age”, “3600”); response.setHeader(“Access-Control-Allow-Headers”, “*” ); response.setHeader( “Access-Control-Allow-Credentials”, “true” ); chain.doFilter( req, res ); } }二、承继 HandlerInterceptorAdapter
@Componentpublic class CrossInterceptor extends HandlerInterceptorAdapter { @Override public boolean preHandle( HttpServletRequest request, HttpServletResponse response, Object handler ) throws Exception{ response.setHeader(“Access-Control-Allow-Origin”, “*” ); response.setHeader( “Access-Control-Allow-Methods”,“GET, POST, PUT, DELETE, OPTIONS” ); response.setHeader( “Access-Control-Max-Age”, “3600”); response.setHeader(“Access-Control-Allow-Headers”, “*” ); response.setHeader( “Access-Control-Allow-Credentials”, “true” ); return(true); } }三、同时实现 WebMvcConfigurer
@Configuration@SuppressWarnings( “SpringJavaAutowiredFieldsWarningInspection” ) public class AppConfig implements WebMvcConfigurer { @Override public void addCorsMappings( CorsRegistry registry ){ registry.addMapping( “/**” ) /* 拦截所有的允诺 .allowedOrigins(“http://www.abc.com”) // 可布吕马的搜索引擎,可以为 * .allowCredentials(true) .allowedMethods(“*”) // 容许布吕马的方式,可以单独配置 .allowedHeaders(“*”); // 容许布吕马的允诺头,可以单独配置 } } */四、采用Nginx配置
location / { add_header Access – Control – Allow – Origin *; add_header Access – Control – Allow – Headers X – Requested – With; add_header Access – Control – Allow – Methods GET, POST, PUT, DELETE, OPTIONS; if ( $request_method = OPTIONS ) { return(204); } }五、采用 @CrossOrgin 注释
1.注意:“@CrossOrigin“注释要求jdk1.8以上版本
如果只是想部分USB布吕马,且不想采用配置来管理的话,可以采用这种形式
在Controller采用
@CrossOrigin@RestController@RequestMapping(“/user”) public class UserController { }在具体内容USB上采用
@RestController@RequestMapping( “/user” ) public class UserController { @CrossOrigin @GetMapping( “/{id}”) public User getUserInfo(@PathVariable Long id ){ } }Spring Cloud Gateway 布吕马配置
spring: cloud: gateway: globalcors: cors-configurations: [/**]: # 容许布吕马的源(网站搜索引擎/ip),增设*为全部 # 容许布吕马允诺里的head字段,增设*为全部 # 容许布吕马的method, 默认为GET和OPTIONS,增设*为全部 allow-credentials: true allowed-origins: – “http://xb.abc.com” – “http://sf.xx.com” allowed-headers: “*” allowed-methods: – OPTIONS – GET – POST – DELETE – PUT – PATCH max-age: 3600注意:通过gateway 转贴的其他项目,不要展开配置布吕马配置
有时即使配置了也不会起作用,这时你可以根据浏览器控制的错误输出来查看难题,如果提示是 response 中 header 出现了重复的 Access-Control-* 允诺头,可以展开如下表所示操作
import java.util.ArrayList; importorg.springframework.cloud.gateway.filter.GatewayFilterChain;import org.springframework.cloud.gateway.filter.GlobalFilter; importorg.springframework.cloud.gateway.filter.NettyWriteResponseFilter;import org.springframework.core.Ordered; importorg.springframework.http.HttpHeaders;import org.springframework.stereotype.Component; importorg.springframework.web.server.ServerWebExchange;import reactor.core.publisher.Mono; @Component(“corsResponseHeaderFilter”) public class CorsResponseHeaderFilter implements GlobalFilter, Ordered { @Override publicint getOrder() {// 指定此冷却系统位于NettyWriteResponseFilter之后 // 即待处理完积极响应体后接着处理积极响应头 return NettyWriteResponseFilter.WRITE_RESPONSE_FILTER_ORDER + 1; } @Override public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) { return chain.filter(exchange).then(Mono.defer(() -> { exchange.getResponse().getHeaders().entrySet().stream() .filter(kv -> (kv.getValue() != null && kv.getValue().size() > 1)) .filter(kv -> ( kv.getKey().equals(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN) || kv.getKey().equals(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS) || kv.getKey().equals(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS) || kv.getKey().equals(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS) || kv.getKey().equals(HttpHeaders.ACCESS_CONTROL_MAX_AGE))) .forEach(kv -> { kv.setValue(new ArrayList<String>() {{ add(kv.getValue().get(0)); }}); }); return chain.filter(exchange); })); } }多点点推荐、转贴、分享吧好哥哥们!
