Of Stack

spring cloud implements a front end cross domain problem solution

  • 2020-12-26 05:39:46
  • OfStack

When we need to provide services from spring boot as an restful interface, if the architecture is separated from the front end, then there is a cross-domain problem. How to solve the cross-domain problem is discussed below.

Solution 1: Add the @CrossOrigin annotation to Controller

The usage is as follows: 


@CrossOrigin //  Annotation way  
@RestController 
public class HandlerScanController { 
   
   
  @CrossOrigin(allowCredentials="true", allowedHeaders="*", methods={RequestMethod.GET, 
      RequestMethod.POST, RequestMethod.DELETE, RequestMethod.OPTIONS, 
      RequestMethod.HEAD, RequestMethod.PUT, RequestMethod.PATCH}, origins="*") 
  @PostMapping("/confirm") 
  public Response handler(@RequestBody Request json){ 
     
    return null; 
  } 
}

Solution 2: Global configuration

The code is as follows: 


@Configuration 
  public class MyConfiguration { 
 
    @Bean 
    public WebMvcConfigurer corsConfigurer() { 
      return new WebMvcConfigurerAdapter() { 
        @Override 
        public void addCorsMappings(CorsRegistry registry) { 
          registry.addMapping("/**") 
          .allowCredentials(true) 
          .allowedMethods("GET"); 
        } 
      }; 
    } 
  }

Solution 3: Use with Filter

Add 1 CorsFilter to the main class of spring boot 


/** 
   * 
   * attention: Simple cross domain is GET . HEAD and POST Request, but POST The request of "Content-Type" Can only be application/x-www-form-urlencoded, multipart/form-data  or  text/plain 
   *  Conversely, it is non-simple cross-domain, which has 1 A pre-check mechanism, to put it bluntly, would send two requests, 1 time OPTIONS The request, 1 This is a real request  
   */ 
  @Bean 
  public CorsFilter corsFilter() { 
    final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); 
    final CorsConfiguration config = new CorsConfiguration(); 
    config.setAllowCredentials(true); //  allow cookies Cross domain  
    config.addAllowedOrigin("*");// # Allowed to submit a request to this server URI . * Represents all allowed in SpringMVC If I set theta to zero * Is automatically converted to the current request header Origin 
    config.addAllowedHeader("*");// # Allowed access to the header information ,* All said  
    config.setMaxAge(18000L);//  The cache time of the precheck request (in seconds), during which the same cross-domain request will not be prechecked  
    config.addAllowedMethod("OPTIONS");//  A method that allows you to submit a request, * All allowed  
    config.addAllowedMethod("HEAD"); 
    config.addAllowedMethod("GET");//  allow Get Request method of  
    config.addAllowedMethod("PUT"); 
    config.addAllowedMethod("POST"); 
    config.addAllowedMethod("DELETE"); 
    config.addAllowedMethod("PATCH"); 
    source.registerCorsConfiguration("/**", config); 
    return new CorsFilter(source); 
  }

Of course, if there are many microservices, you need to add this code to the main class of each service, which violates the DRY principle. It would be better to solve the cross-domain problem in the GATEWAY layer of zuul, once and for all.

For more information about the front cross domain, please refer to: https: / / www ofstack. com article / 83093. htm

Related articles: