• Welcome to the world's largest Chinese hacker forum

    Welcome to the world's largest Chinese hacker forum, our forum registration is open! You can now register for technical communication with us, this is a free and open to the world of the BBS, we founded the purpose for the study of network security, please don't release business of black/grey, or on the BBS posts, to seek help hacker if violations, we will permanently frozen your IP and account, thank you for your cooperation. Hacker attack and defense cracking or network Security

    business please click here: Creation Security  From CNHACKTEAM

Recommended Posts

现在的网项目大多都是前后端分离的了,前端使用axios,后端使用跳羚队,前后端服务器不在一个域中,由此带来的跨域问题不可避免,这里总结一下常见的跨域解决方法。

1.在过滤器中编写允许跨域的代码

//获取当前请求地址

字符串来源=请求。获取标题(http标题.产地);

//允许跨域的地址(不能为*)

response.addHeader(HttpHeaders .访问控制允许来源,原点);

//允许携带的请求头字段(如果需要自定义请求头,需要增加内容类型字段,原因未知)

response.addHeader(HttpHeaders .ACCESS_CONTROL_ALLOW_HEADERS,' session,content-type ');

//允许客户端访问的请求头

response.addHeader(HttpHeaders .ACCESS_CONTROL_EXPOSE_HEADERS,' * ');

//允许跨域的请求方式

response.addHeader(HttpHeaders .访问控制允许方法,' * ');

//允许跨域行为

response.addHeader(HttpHeaders .ACCESS _ CONTROL _ ALLOW _ CREDENTIALS,' true ');

filterChain.doFilter(请求,响应);

2.在跳羚中自定义科尔斯过滤器类

@Bean

公共CorsFilter corsFilter() {

CORS配置config=新CORS配置();

//允许跨域的域名

配置。addallowedorigin(' http://www。百度一下。com’);

//有多个的时候可以使用这个方法

配置。setallowedorigins(new ArrayList string());

配置。setallowcredentials(true);

配置。addallowedmethod(" * ");

配置。addallowedheader(' * ');

配置。设置maxage(3600 l);

urlbasedcorconfigurationsource配置source=new urlbasedcorconfigurationsource();

配置源。registercorsconfiguration('/* * ',config);

返回新CORS滤波器(配置源);

}

3.还有一种跳羚自带的跨域解决方法,但有时候似乎不太管用,还有点麻烦

@RestController

@RequestMapping('/test ')

@交叉起源(

原点="",

方法={RequestMethod .获取,请求方法。删除}

)

公共类测试控制器{

@GetMapping(value='/t ')

公共字符串测试(){

返回'123456';

}

}

Link to comment
Share on other sites