spring 跨域处理

简单记录工作时遇到的问题,便于回顾.温故而知新

1.Filter过滤器

@Slf4j
@WebFilter(filterName = "cors", urlPatterns = "/*")
public class SimpleCORSFilter implements Filter {

    @Override
    public void destroy() {

    }

    @Override
    public void doFilter(ServletRequest req, ServletResponse res,
                         FilterChain chain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        String url = request.getRequestURI();
        if (StrUtil.isNotBlank(url)) {
            HttpServletResponse response = (HttpServletResponse) res;
            response.setHeader("Access-Control-Allow-Origin", "*");
            response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE,PUT,HEAD,PATCH");
            response.setHeader("Access-Control-Max-Age", "3600");
            response.setHeader("Access-Control-Allow-Headers", "*");
            chain.doFilter(req, res);
        } else { //直接过去
            chain.doFilter(req, res);
        }


    }

    @Override
    public void init(FilterConfig arg0) throws ServletException {
    }

}

非Filter过滤器配置

@Configuration
public class WebConfig implements WebMvcConfigurer {

    @Override
    public void addCorsMappings(CorsRegistry registry) {
        registry.addMapping("/**").allowedOrigins("*")
                .allowedMethods("*").allowedHeaders("*");
    }

}

建议使用设置优先级最高

有些情况下可能需要filter优先级要设置成最高

@Configuration
public class CorsConfig {

    @Bean(name = "corsFilter")
    public FilterRegistrationBean<CorsFilter> corsFilterFilterRegistrationBean() {
        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        source.registerCorsConfiguration("/**", corsConfiguration());
        FilterRegistrationBean<CorsFilter> filterRegistrationBean = new FilterRegistrationBean<>(new CorsFilter(source));
        filterRegistrationBean.setOrder(Ordered.HIGHEST_PRECEDENCE);
        return filterRegistrationBean;
    }

    private CorsConfiguration corsConfiguration() {
        CorsConfiguration configuration = new CorsConfiguration();
        configuration.setAllowedOrigins(Arrays.asList("*"));
        configuration.setAllowedMethods(Arrays.asList("*"));
        configuration.setAllowedHeaders(Arrays.asList("*"));
        configuration.setMaxAge(Duration.of(1, ChronoUnit.MINUTES));
        configuration.setAllowCredentials(true);
        return configuration;
    }
}

注意:

建议设置跨域为最高优先级的方式