自:https://www.jianshu.com/p/0c67823550d6
setHeader(name, value) ; //如果Header中沒有定義則添加,如果已定義則用新的value覆蓋原用value值。
addHeader(name, value); // 如果Header中沒有定義則添加,如果已定義則保持原有value不改變。
- 簡單點
// 最簡單的處理方式
response.setHeader("Access-Control-Allow-Origin","*");
- 完整點
// 這個可以用過濾器統一處理
if (request.getHeader("Access-Control-Request-Method") != null && "OPTIONS".equals(request.getMethod())) {
// CORS "pre-flight" request
response.addHeader("Access-Control-Allow-Origin", "*");
response.addHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
response.setHeader("Access-Control-Allow-Headers", "x-requested-with");
response.addHeader("Access-Control-Max-Age", "1800");//30 min
}
2017-03-10 更新
- 使用攔截器統一做跨域處理
@Component
public class CORSInterceptor extends HandlerInterceptorAdapter {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
//添加跨域CORS
response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Headers", "X-Requested-With,content-type,token");
response.setHeader("Access-Control-Allow-Methods", "GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH");
return true;
}
}
- 最後啓用攔截器就ok,以下展示在Spring-boot配置
public class WebConfigTest extends WebMvcConfigurerAdapter {
@Autowired
private CORSInterceptor corsInterceptor;
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(corsInterceptor);
}
}
-
效果
![]()
