Shulou(Shulou.com)05/31 Report--

This article mainly introduces "what are the ways of springboot to solve cross-domain". In daily operation, I believe that many people have doubts about the way springboot solves cross-domain problems. The editor consulted all kinds of materials and sorted out simple and easy-to-use operation methods. I hope it will be helpful for you to answer the doubts about "what are the ways of springboot to solve cross-domain problems?" Next, please follow the editor to study!

What is cross-domain?

Cross-domain: refers to scripts that browsers cannot hold to other sites. It is caused by the same origin policy of the browser and is the security restriction imposed by the browser on javascript.

For example, if page a wants to obtain the resources of page b, if the protocols, domain names, end domains and domain names of page an and page b are different, the access actions of all pages are cross-domain.

Cross-domain access is generally restricted for security reasons, that is, cross-domain requests for resources are not allowed. Note: cross-domain restrictions on access are actually browser restrictions. Understand this point.

It's important.

Homologous policy: it means that the protocol, domain name and end ID should all be the same, and some of them will produce cross-domain products.

Several ways to solve cross-domain problems with springboot. 1. Notes on SpringBoot @ CrossOrigin

Directly add @ CrossOrigin annotations to Controller methods or classes. SpringMVC uses @ CrossOrigin usage scenarios to require jdk1.8+ Spring4.2+

@ GetMapping ("/ hello") @ CrossOriginpublic String hello () {return "hello:" + simpleDateFormat.format (new Date ());} method 2: use CorsFilterimport org.springframework.context.annotation.Bean;import org.springframework.context.annotation.Configuration;import org.springframework.web.cors.CorsConfiguration;import org.springframework.web.cors.UrlBasedCorsConfigurationSource;import org.springframework.web.filter.CorsFilter;@Configurationpublic class ConfigConfiguration {@ Bean public CorsFilter CorsFilter () {CorsConfiguration corsConfiguration = new CorsConfiguration () CorsConfiguration.addAllowedOriginPattern ("*"); corsConfiguration.addAllowedHeader ("*"); corsConfiguration.addAllowedMethod ("*"); corsConfiguration.setAllowCredentials (true); UrlBasedCorsConfigurationSource ub = new UrlBasedCorsConfigurationSource (); ub.registerCorsConfiguration ("/ *", corsConfiguration); return new CorsFilter (ub) Mode 3: custom filtering (web filter) @ Componentpublic class CustomFilter implements Filter {@ Override public void doFilter (ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {HttpServletResponse res = (HttpServletResponse) servletResponse; / / allows Cookie res.addHeader ("Access-Control-Allow-Credentials", "true") / / allow the http://www.xxx.com domain (set by yourself, for example only) to initiate cross-domain requests res.addHeader ("Access-Control-Allow-Origin", "*"); / / set the method res.addHeader ("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT") that allows cross-domain requests / / allow cross-domain requests to include content-type res.addHeader ("Access-Control-Allow-Headers", "Content-Type,X-CAF-Authorization-Token,sessionToken,X-TOKEN"); if (HttpServletRequest) servletRequest) .getMethod () .equals ("OPTIONS")) {servletResponse.getWriter () .println ("ok"); return;} filterChain.doFilter (servletRequest, servletResponse) Mode 4: implement the addCorsMappings method import org.springframework.stereotype.Component;import org.springframework.web.servlet.config.annotation.CorsRegistry;import org.springframework.web.servlet.config.annotation.WebMvcConfigurer in WebMvcConfigurer @ Componentpublic class MyWebMvcConfigurer implements WebMvcConfigurer {@ Override public void addCorsMappings (CorsRegistry registry) {registry.addMapping ("/ * *") / / matches all paths .allowCredentials (true) / / sets the permission credential .allowedHeaders ("*") / / sets the request header .allowedMethods ("GET", "POST", "PUT") "DELETE") / / sets the way allowed. AllowedOriginPatterns ("*") Method 5: using nginx as a dynamic agent here, the study on "what are the ways of springboot to solve cross-domain problems" is over. I hope to be able to solve your doubts. The collocation of theory and practice can better help you learn, go and try it! If you want to continue to learn more related knowledge, please continue to follow the website, the editor will continue to work hard to bring you more practical articles!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.