自己做网站的时候,经常遇到跨域问题,下面是平时多次实践总结出的解决方法,大家有什么更好的思路,可以相互交流下~
XMLHttpRequest cannot load http://www.imooc.com/data/che… No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin ‘http://localhost:8080’ is therefore not allowed access.
解决方法:跨源问题,添加 cors。
1.filter 或者 servlet 里面添加 response.setHeader(“Access-Control-Allow-Origin”, ““);2.response.setHeader(“Access-Control-Allow-Origin”, ““); 放到接收客户端 api 的地方
3. 如果是 servlet 的话就放到 get 或者 post 方法里面,jsp 页面就扔到第一行
4. 如果是 filter 部署就扔到 dofilter()
———————————springmvc———————————
添加 SimpleCORSFilter.java
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;
import org.springframework.stereotype.Component;
@Component
public class SimpleCORSFilter implements Filter {public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {HttpServletResponse response = (HttpServletResponse) res;
response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "x-requested-with");
//response.setHeader("Access-Control-Allow-Headers", "Content-Type");
// response.setContentType("text/html;charset=UTF-8");
// response.setHeader("Access-Control-Allow-Origin", "*");
// response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
// response.setHeader("Access-Control-Max-Age", "0");
// response.setHeader("Access-Control-Allow-Headers", "Authentication, Origin, Accept, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, token");
// response.setHeader("Access-Control-Allow-Credentials", "true");
// response.setHeader("XDomainRequestAllowed","1");
chain.doFilter(req, res);
}
public void init(FilterConfig filterConfig) {}
public void destroy() {}
}
web.xml 添加
<filter>
<filter-name>SimpleCORSFilter</filter-name>
<filter-class>com.zhcs.context.SimpleCORSFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>SimpleCORSFilter</filter-name>
<url-pattern>/app/*</url-pattern>
</filter-mapping>
————————————–OR————————————-
添加 CorsConfigureAdapter.java
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.CorsRegistry;
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
@Configuration
@EnableWebMvc
public class CorsConfigureAdapter extends WebMvcConfigurerAdapter {
@Override
public void addCorsMappings(CorsRegistry registry) {super.addCorsMappings(registry);
registry.addMapping("/**");
}
}
在 Controller 上或方法上使用 @CrossOrigin 注解
@CrossOrigin(maxAge = 3600)
————————————–xml————————————-
<mvc:cors>
<mvc:mapping path="/**" />
</mvc:cors>
<mvc:cors>
<mvc:mapping path="/api/**" allowed-origins="http://domain1.com, http://domain2.com" allowed-methods="GET, PUT" allowed-headers="header1, header2, header3" exposed-headers="header1, header2" allow-credentials="false" max-age="123" />
<mvc:mapping path="/resources/**" allowed-origins="http://domain1.com" />
</mvc:cors>
————————————–Nginx 支持跨域请求 ————————————–
location /{
add_header 'Access-Control-Allow-Origin' 'http://other.subdomain.com';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET';
...
the rest of your configuration here
...
}