背景:
項目前後端分離,前臺頁面使用ajax請求後端的api。
前端寫法:
var token=”Bearer eyJhbGciOiJIUzUxMiJ9.eyJleHAiOjE1MTAyNDEwMDAsInVzZXJJZCI6IsK_XHUwMDEywpbCi8KBwqhSwpjDp8KgU8KaXcKlwrDDryJ9.LuUr3I_eOOugcffmEhedc9wdWrOg5roY7WxREg1ddPpijDYLBlo5UWFYTgjnY2TWrYcN0MFkBODNYReOObYhiQ”;
$.ajax({
url: ‘http://IP或域名:8080/api/hello’,
beforeSend: function(request) {
request.setRequestHeader(“authorization”, token);
},
dataType: ‘JSON’,
async: false,//請求是否異步,默認爲異步
type: ‘POST’,
success: function (data) {
},
error: function () {
}
});
後端控制器:
@CrossOrigin(origins = “*”, maxAge = 3600)
@RequestMapping(value = “/api/hello” )
public String hello(@RequestHeader(value = JwtUtil.USER_ID,defaultValue = “world”) String userID) {
return “hello ” + userID;
}
過濾器:繼承了org.springframework.web.filter.OncePerRequestFilter
@Override
protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
//下面一行代碼,在跨域情況下token始終是null,不跨域的時候正常。
String token = request.getHeader(HEADER_STRING);
//省略無關代碼…….
filterChain.doFilter(httpServletRequest, httpServletResponse);
}
原因:
經多次測試發現 ,在跨域的情況下,發現每次客戶端請求接口的時候,都會有一個 OPTIONS 請求。
解決:
在doFilterInternal方法中加入以下代碼。如果是OPTIONS請求直接放過即可。
if ( httpServletRequest.getMethod().equals(RequestMethod.OPTIONS.name()) ) {
filterChain.doFilter(httpServletRequest,httpServletResponse);
return;
}
修改一下控制器註解 @RequestMapping(value = “/api/hello” ) 改成:
@RequestMapping(value = “/api/hello”,method = {RequestMethod.POST,RequestMethod.OPTIONS} )