[英]CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource Spring Boot Rest API
Hi Everyone, I am getting the error as shown in below error log details when an external client tries to consume my following api " http://host_details/processdocument " which is of type multipartformdata but other than this all other API works fine which are of type application/Json .大家好,当外部客户端尝试使用我的以下 api “ http://host_details/processdocument ” 时,我收到如下错误日志详细信息所示的错误,它是multipartformdata类型,但除此之外,所有其他 API 都可以正常工作类型 application/Json 。 So kindly guide me to find out the mistake I am doing in CORS config.所以请指导我找出我在 CORS 配置中犯的错误。 The code and error details are as follows:代码和错误详情如下:
Error Log seen on browser: Access to XMLHttpRequest at ' http://host_details/processdocument ' from origin ' http://caller_host:4212 ' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.在浏览器上看到的错误日志:从源 ' http://caller_host:4212 ' 访问 XMLHttpRequest at ' http://host_details/ processdocument ' 已被 CORS 策略阻止:不存在 'Access-Control-Allow-Origin' 标头在请求的资源上。
I am using Spring Boot based application with following CORS Config:我正在使用具有以下 CORS 配置的基于 Spring Boot 的应用程序:
1] CORS Config details: 1] CORS 配置详细信息:
@Component
public class SimpleCORSFilter implements Filter {
private final Logger log = LoggerFactory.getLogger(SimpleCORSFilter.class);
public SimpleCORSFilter() {
log.info("SimpleCORSFilter init");
}
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res;
log.info(request.getHeader("Origin"));
response.setHeader("Access-Control-Allow-Origin", request.getHeader("Origin"));
response.setHeader("Access-Control-Allow-Credentials", "true");
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "36000");
response.setHeader("Access-Control-Allow-Headers", "Content-Type, Accept, X-Requested-With, remember-me");
chain.doFilter(req, res);
}
@Override
public void init(FilterConfig filterConfig) {
}
@Override
public void destroy() {
}
}
2] The Rest API Controller class: 2] Rest API 控制器类:
@RequestMapping(value=URLConstants.PROCESS_FILE_FOR_OCR,method=RequestMethod.POST,headers = {"content-type=multipart/mixed","content-type=multipart/form-data"})
private ResponseEntity<Map<String, Object>> processVisa(
@RequestPart(value = "file",required=true) MultipartFile file,
@RequestPart(value = "applicationId",required=true) String applicationId,
@RequestPart(value = "fileCategory",required=true) String fileCategory)
{
//// implemntation here
}
3] Request Header found in Console of API: 3] 在 API 控制台中找到的请求标头:
Now Multipart
Request URL:
http://host_detailas/processdocument
Request Method:
POST
Status Code:
500
Remote Address:
Remote_address_Url:82
Referrer Policy:
no-referrer-when-downgrade
Request Headers
Provisional headers are shown
Accept:
application/json, text/plain, */*
Content-Type:
multipart/form-data
Origin:
http://localhost:4222
Referer:
http://localhost:4222/
User-Agent:
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/URL Safari/537.36
Request Payload
------WebKitFormBoundaryCljOAWzb4HGBWil4 Content-Disposition: form-data; name="file"; filename="aadharcard.jpg" Content-Type: image/jpeg ------WebKitFormBoundaryCljOAWzb4HGBWil4 Content-Disposition: form-data; name="EmiratesId" Passport ------WebKitFormBoundaryCljOAWzb4HGBWil4 Content-Disposition: form-data; name="applicationId" 123 ------WebKitFormBoundaryCljOAWzb4HGBWil4--
Name
processdocument
that is the cors option method problem.这就是 cors 选项方法问题。 you need to grant access option method try this on security您需要授予访问选项方法在安全性上试试这个
public class CustomSecurity extends WebSecurityConfigurerAdapter{
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf()
.disable()
.authorizeRequests().antMatchers(HttpMethod.OPTIONS).permitAll() ....
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.