摘要:而前端跨域請(qǐng)求的需求不減�,于是乎?���?缬蛞脖容^簡(jiǎn)單,只需添加以下配置即可�����。參考文檔��,阿里云中文檔描述到也可通過(guò)配置文件跨域����,不過(guò)筆者并未采用這種方式。瀏覽器設(shè)置跨域本身是可以通過(guò)配置支持跨域請(qǐng)求的���?���?缬騾⒖嘉臋n跨域參考文檔
SpringBoot跨域配置
我們的后端使用Spring Boot�����。Spring Boot跨域非常簡(jiǎn)單����,只需書(shū)寫(xiě)以下代碼即可。
@Configuration
public class CustomCORSConfiguration {
private CorsConfiguration buildConfig() {
CorsConfiguration corsConfiguration = new CorsConfiguration();
corsConfiguration.addAllowedOrigin("*");
corsConfiguration.addAllowedHeader("*");
corsConfiguration.addAllowedMethod("*");
return corsConfiguration;
}
@Bean
public CorsFilter corsFilter() {
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", buildConfig());
return new CorsFilter(source);
}
}
Nginx跨域配置
某天��,我們將Spring Boot應(yīng)用用Nginx反向代理����。而前端跨域請(qǐng)求的需求不減,于是乎����。
Nginx跨域也比較簡(jiǎn)單��,只需添加以下配置即可��。
location / {
proxy_pass http://localhost:8080;
if ($request_method = "OPTIONS") {
add_header "Access-Control-Allow-Origin" "*";
add_header "Access-Control-Allow-Methods" "GET, POST, OPTIONS";
add_header "Access-Control-Allow-Headers" "DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Token";
add_header "Access-Control-Max-Age" 1728000;
add_header "Content-Type" "text/plain; charset=utf-8";
add_header "Content-Length" 0;
return 204;
}
if ($request_method = "POST") {
add_header "Access-Control-Allow-Origin" "*";
add_header "Access-Control-Allow-Methods" "GET, POST, OPTIONS";
add_header "Access-Control-Allow-Headers" "DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Token";
add_header "Access-Control-Expose-Headers" "DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Token";
}
if ($request_method = "GET") {
add_header "Access-Control-Allow-Origin" "*";
add_header "Access-Control-Allow-Methods" "GET, POST, OPTIONS";
add_header "Access-Control-Allow-Headers" "DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Token";
add_header "Access-Control-Expose-Headers" "DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Token";
}
}
其中: add_header "Access-Control-Expose-Headers" 務(wù)必加上你請(qǐng)求時(shí)所帶的header�����。例如本例中的“Token”�����,其實(shí)是前端傳給后端過(guò)來(lái)的�����。如果記不得也沒(méi)有關(guān)系�����,瀏覽器的調(diào)試器會(huì)有詳細(xì)說(shuō)明����。
參考文檔:https://enable-cors.org/serve...
B.T.W����,阿里云中文檔描述到Nginx也可通過(guò)crossdomain.xml配置文件跨域:https://helpcdn.aliyun.com/kn... ,不過(guò)筆者并未采用這種方式�����。
CORS on Nginx
The following Nginx configuration enables CORS, with support for preflight requests.
#
# Wide-open CORS config for nginx
#
location / {
if ($request_method = "OPTIONS") {
add_header "Access-Control-Allow-Origin" "*";
add_header "Access-Control-Allow-Methods" "GET, POST, OPTIONS";
#
# Custom headers and headers various browsers *should* be OK with but aren"t
#
add_header "Access-Control-Allow-Headers" "DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range";
#
# Tell client that this pre-flight info is valid for 20 days
#
add_header "Access-Control-Max-Age" 1728000;
add_header "Content-Type" "text/plain; charset=utf-8";
add_header "Content-Length" 0;
return 204;
}
if ($request_method = "POST") {
add_header "Access-Control-Allow-Origin" "*";
add_header "Access-Control-Allow-Methods" "GET, POST, OPTIONS";
add_header "Access-Control-Allow-Headers" "DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range";
add_header "Access-Control-Expose-Headers" "DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range";
}
if ($request_method = "GET") {
add_header "Access-Control-Allow-Origin" "*";
add_header "Access-Control-Allow-Methods" "GET, POST, OPTIONS";
add_header "Access-Control-Allow-Headers" "DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range";
add_header "Access-Control-Expose-Headers" "DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range";
}
}
瀏覽器設(shè)置跨域
Chrome����、Firefox本身是可以通過(guò)配置支持跨域請(qǐng)求的。
Chrome跨域:參考文檔:http://www.cnblogs.com/laden6...
Firefox跨域:參考文檔:https://segmentfault.com/q/10...
文章版權(quán)歸作者所有�����,未經(jīng)允許請(qǐng)勿轉(zhuǎn)載,若此文章存在違規(guī)行為����,您可以聯(lián)系管理員刪除。
轉(zhuǎn)載請(qǐng)注明本文地址:http://systransis.cn/yun/75857.html
