import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletRequest; /** * 跨域配置<br> * 跨域资源共享 CORS 详解:http://www.ruanyifeng.com/blog/2016/04/cors.html<br/> * HTTP 中文开发手册:https://www.php.cn/manual/view/35587.html */ public class CrossFilter implements Filter { @Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chiain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest)servletRequest; HttpServletResponse response = (HttpServletResponse)servletResponse; // 允许跨域的地址*表示所有 response.setHeader("Access-Control-Allow-Origin", "http://localhost:8848"); // 表示是否允许发送Cookie response.setHeader("Access-Control-Allow-Credentials", "true"); // 允许跨域的方法 response.setHeader("Access-Control-Allow-Methods", "POST,GET,OPTIONS,DELETE"); // 预检请求的有效期,OPTIONS请求就是想服务端进行探测支持的方法 response.setHeader("Access-Control-Max-Age", "3600"); // 跨域时允许的请求头字段 response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept,Token,tokenzsk,tokenzsk1"); // 检测时直接返回 if ("OPTIONS".equals(request.getMethod())) { response.setStatus(HttpServletResponse.SC_NO_CONTENT); return; } chiain.doFilter(servletRequest, servletResponse); } } // 注册过滤器 @Bean public FilterRegistrationBean<CrossFilter> corssFilterRegiste() { FilterRegistrationBean<CrossFilter> reFilter = new FilterRegistrationBean<>(); // 创建并注册TestFilter reFilter.setFilter(new CrossFilter()); // 拦截的路径(对所有请求拦截) reFilter.addUrlPatterns("/services/*"); // 拦截器的名称 reFilter.setName("CrossFilter"); // 拦截器的执行顺序。数字越小越先执行 reFilter.setOrder(1); return reFilter; }