1.通过SpringSecurity方式配置

@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {@Overrideprotected void configure(HttpSecurity http) throws Exception {// 允许跨域http.cors().configurationSource(corsConfigurationSource());// 省略其他代码...}// 跨域配置private CorsConfigurationSource corsConfigurationSource() {CorsConfiguration config = new CorsConfiguration();config.setAllowedMethods(Arrays.asList("GET", "POST"));// 支持请求方式config.addAllowedOriginPattern("*");// 支持跨域config.setAllowCredentials(true);// cookieconfig.addAllowedHeader("*");// 允许请求头信息config.addExposedHeader("*");// 暴露的头部信息UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();source.registerCorsConfiguration("/**", config);// 添加地址映射return source;}}

2.使用Spring提供的CorsFilter注入Bean（推荐）

//....省略其他代码@Beanpublic CorsFilter corsFilter() {CorsConfiguration config = new CorsConfiguration();config.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "DELETE"));// 支持请求方式config.addAllowedOriginPattern("*");// 支持跨域config.setAllowCredentials(true);// cookieconfig.addAllowedHeader("*");// 允许请求头信息config.addExposedHeader("*");// 暴露的头部信息UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();source.registerCorsConfiguration("/**", config);// 添加地址映射return new CorsFilter(source);}
//....省略其他代码

3.使用注解@CrossOrigin注解（繁琐）

import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;@RestController
@CrossOrigin(origins = "*")
public class DemoController {@RequestMapping("/test")public Object test() {return "hello world";}
}

4.通过ResponseBodyAdvice 实现跨域

与第5类似

import org.springframework.core.MethodParameter;
import org.springframework.http.MediaType;
import org.springframework.http.server.ServerHttpRequest;
import org.springframework.http.server.ServerHttpResponse;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.servlet.mvc.method.annotation.ResponseBodyAdvice;@ControllerAdvice
public class ResponseAdvice implements ResponseBodyAdvice {/*** 内容是否需要重写（通过此方法可以选择性部分控制器和方法进行重写）* 返回 true 表示重写*/@Overridepublic boolean supports(MethodParameter returnType, Class converterType) {return true;}/*** 方法返回之前调用此方法*/@Overridepublic Object beforeBodyWrite(Object body, MethodParameter returnType, MediaType selectedContentType,Class selectedConverterType, ServerHttpRequest request,ServerHttpResponse response) {// 设置跨域response.getHeaders().set("Access-Control-Allow-Origin", "*");return body;}
}

5.通过HttpServletResponse设置跨域

HttpServletResponse#setHeader("Access-Control-Allow-Origin", "*");

6.通过WebMvcConfigurer 实现跨域

import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.CorsRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;@Configuration
public class CorsConfig implements WebMvcConfigurer {@Overridepublic void addCorsMappings(CorsRegistry registry) {registry.addMapping("/**") // 所有接口.allowCredentials(true) // 是否发送 Cookie.allowedOriginPatterns("*") // 支持域.allowedMethods(new String[]{"GET", "POST"}) // 支持方法.allowedHeaders("*")// 允许请求头.exposedHeaders("*");// 暴露出去的响应头}
}

本文来自互联网用户投稿，该文观点仅代表作者本人，不代表本站立场。本站仅提供信息存储空间服务，不拥有所有权，不承担相关法律责任。如若转载，请注明出处：http://www.mzph.cn/news/17002.shtml

如若内容造成侵权/违法违规/事实不符，请联系多彩编程网进行投诉反馈email:809451989@qq.com，一经查实，立即删除！