[英]CORS origin is not working in Spring boot with Javax servlet Webfilter
我用 java 和 spring boot 創建了一個 Rest API。
使用javax.servlet.annotation.WebFilter
檢查身份驗證。 它工作正常,但面臨
Access to XMLHttpRequest at 'http://localhost:8080/api/' from origin 'null' has been blocked by CORS policy
問題 所以我在@RestController class
使用@CrossOrigin(origins = "*")
當我嘗試從前端應用程序訪問我的 rest api 時,它在瀏覽器控制台中顯示CROS policy
錯誤並在服務器控制台中顯示401
錯誤。
當我刪除@WebFilter
注釋時,CROS 原點工作正常。
我該如何解決這個問題。
我的代碼
春季啟動版本
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
<version>2.2.5.RELEASE</version>
</dependency>
控制器.java
@RestController
@CrossOrigin(origins = "*")
@RequestMapping(value = "api")
public class Controller {
}
應用程序.java
@SpringBootApplication
@ServletComponentScan
public class Application extends SpringBootServletInitializer {
public static void main(String[] args) {
SpringApplication.run(Application.class, args);
}
@Override
protected SpringApplicationBuilder configure(SpringApplicationBuilder application) {
return application.sources(Application.class);
}
}
登錄句柄過濾器.java
@WebFilter(description = "Login and encoding filter", urlPatterns = {"/api/*"}) 公共類 LoginHandleFilter 實現 Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpServletResponse response = (HttpServletResponse) servletResponse;
String token = request.getHeader("Authorization");
if(isAuthenticate(token)){
chain.doFilter(request, response);
}else{
response.sendError(401);
}
}
@Override
public void destroy() {
}
private boolean isAuthenticate(String token){
return token.equals("Mytoken");
}
}
javascript
var http = new XMLHttpRequest():
http.open("GET", "http://localhost:8080/api/", true);
http.setRequestHeader("Authorization", "TOKEN");
http.onreadystatechange = function(){
}
http.send();
我在這里錯過了什么嗎?
添加此配置類。 如果您已經有一個 WebMvcConfigurer,只需添加addCorsMappings
方法。 然后應該讀取通過CrossOrigin
注釋提供的 cors 配置,並將必要的標頭Access-Control-Allow-Origin
添加到響應標頭中。
@Configuration
public class MyConfiguration implements WebMvcConfigurer {
@Override
public void addCorsMappings(CorsRegistry registry) {
registry.addMapping("/**");
}
}
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.