Shulou(Shulou.com)06/03 Report--

This article shows you how to deal with cross-domain request CORS in SpringBoot development. The content is concise and easy to understand, which will definitely brighten your eyes. I hope you can get something through the detailed introduction of this article.

CORS (Cross-Origin Resource Sharing) "cross-domain resource sharing" is a W3C standard that allows browsers to send Ajax requests to cross-domain servers, breaking the restriction that Ajax can only access resources within the site.

In the separate architecture, we often encounter cross-domain CORS problems, the performance of the browser is the following error message: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Let's take a look at how to make your SpringBoot project support CORS cross-domain.

SpringBoot processing across domains

It is easy to handle cross-domain processing in the SpringBoot backend. You only need to add the following configuration class to the project:

/ * * Spring Boot 2.0 solves cross-domain problems * @ Author javadaily * / @ Configurationpublic class WebMvcConfiguration implements WebMvcConfigurer {@ Bean public CorsFilter corsFilter () {final UrlBasedCorsConfigurationSource urlBasedCorsConfigurationSource = new UrlBasedCorsConfigurationSource (); final CorsConfiguration corsConfiguration = new CorsConfiguration (); / * whether to allow requests with authentication information * / corsConfiguration.setAllowCredentials (true); / * client domain names allowed to be accessed * / corsConfiguration.addAllowedOrigin ("*") / * client request headers that allow server access * / corsConfiguration.addAllowedHeader ("*"); / * allowed access method names, GET POST, etc. * / corsConfiguration.addAllowedMethod ("*"); urlBasedCorsConfigurationSource.registerCorsConfiguration ("/ * *", corsConfiguration); return new CorsFilter (urlBasedCorsConfigurationSource);}}

Here we inject CorsFilter into the configuration class and rewrite the relevant configuration. You can change the * to specific attribute values according to your business needs.

Through the above configuration, we can basically solve the backend cross-domain problem, but there are still cross-domain problems in some specific cases.

Special circumstances

When there is a custom filter in the project, and the return information is output directly to the client through response.getWriter (). Print () in the filter:

The subsequent filter chain will not be executed in this case.

On the other hand, the priority of the custom filter in SpringBoot is higher than that defined in WebMvcConfigurer, so the cross-domain phenomenon still occurs because it is not processed by the CORS filter.

At this point, we need to rewrite the CorsFilter so that it executes before customizing the filter.

Solution method

Customize Cors filter

Public class CustomerCorsFilter extends CorsFilter {public CustomerCorsFilter () {super (configurationSource ());} private static UrlBasedCorsConfigurationSource configurationSource () {/ / CORS authorization CorsConfiguration config = new CorsConfiguration (); config.setAllowCredentials (true); config.addAllowedOrigin ("*"); config.addAllowedHeader ("*"); config.addAllowedMethod ("*"); config.addExposedHeader (HttpHeaders.SET_COOKIE) Config.setMaxAge (3600L); UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource (); source.registerCorsConfiguration ("/ *", config); return source;}}

Specify the priority of the filter by configuration class

@ Configurationpublic class FilterConfig {@ Bean public Filter authFilter () {return new AuthFilter ();} / * WARNING: cross-domain filter. Note the order of execution. You must add filter registration.setFilter (new CustomerCorsFilter ()) after AuthFilter filter * @ return * / @ Bean public FilterRegistrationBean corsFilterRegistration () {FilterRegistrationBean registration = filter () List urlList = new ArrayList (); urlList.add ("/ *"); / / set filter paths, / * all paths registration.setUrlPatterns (urlList); / / add default parameter registration.setName ("CorsFilter"); / / set priority registration.setOrder (- 1); return registration } @ Bean public FilterRegistrationBean authFilterRegistration () {FilterRegistrationBean registration = new FilterRegistrationBean (); / / add filter registration.setFilter (authFilter ()); List urlList = new ArrayList (); urlList.add ("/ *"); / / set filter paths, / * all paths registration.setUrlPatterns (urlList); / / add default parameter registration.setName ("authFilter") / / set priority registration.setOrder (1); return registration;}}

The order in which the filter is executed is specified by the setOrder () method to ensure that the CORS filter first enters the custom filter execution. Note: the smaller the order of order, the higher the priority.

The above is how to deal with cross-domain request CORS in SpringBoot development. have you learned any knowledge or skills? If you want to learn more skills or enrich your knowledge reserve, you are welcome to follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.