1、Nginx配置跨域:
server {
listen 80;
server_name your-backend-service.com;
location / {
proxy_pass http://localhost:8080; # Spring Boot应用的内部地址
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# 添加CORS头部允许指定域名
add_header 'Access-Control-Allow-Origin' 'http://example.com';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';
# 预检请求响应
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' 'http://example.com';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain charset=UTF-8';
add_header 'Content-Length' 0;
return 204;
}
}
}
#Access-Control-Allow-Origin:指定允许跨域请求的源。可以是具体的域名(如http://example.com),或者使用*表示允许所有源。但是,当需要携带凭证(如Cookies)时,必须指定具体的域名。
#Access-Control-Allow-Methods:列出允许的HTTP方法,如GET、POST、PUT、DELETE、OPTIONS等。
#Access-Control-Allow-Headers:指定允许在请求中使用的自定义头部,如Content-Type、#Authorization等。
#Access-Control-Allow-Credentials:如果设置为true,则允许跨域请求携带凭证(如Cookies)。当设置此选项时,Access-Control-Allow-Origin不能设置为*,必须指定具体的域名。
#Access-Control-Max-Age:指定预检请求的有效期(以秒为单位),在有效期内,浏览器不会再次发送预检请求。
2、实现WebMvcConfigurer
package com.hmmy.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpHeaders;
import org.springframework.web.servlet.config.annotation.CorsRegistry;
import org.springframework.web.servlet.config.annotation.DefaultServletHandlerConfigurer;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@Configuration
public class CorsConfig implements WebMvcConfigurer {
/**
* 跨域处理
*/
@Bean
public WebMvcConfigurer corsConfigurer() {
return new WebMvcConfigurer() {
@Override
public void configureDefaultServletHandling(DefaultServletHandlerConfigurer configurer) {
}
// @Override
// public void addResourceHandlers(ResourceHandlerRegistry registry) {
// registry.addResourceHandler("/**")
// .addResourceLocations("classpath:/resources/","classpath:/static/","classpath:/META-INF/resources/");
.addResourceLocations("file:C:/Picture/323223618780001/"); /** windows 系统配置路径*/
.addResourceLocations("file:/home/java/"); /** linux 系统配置路径*/
// }
@Override
public void addCorsMappings(CorsRegistry registry) {
registry.addMapping("/**").
allowedOrigins("*"). //允许跨域的域名,可以用*表示允许任何域名使用
allowedMethods("*"). //允许任何方法(post、get等)
allowedHeaders("*"). //允许任何请求头
allowCredentials(true). //带上cookie信息
exposedHeaders(HttpHeaders.SET_COOKIE).maxAge(3600L); //maxAge(3600)表明在3600秒内,不需要再发送预检验请求,可以缓存该结果
}
};
}
}
3、使用拦截器
@Component
public class CorsFilter implements Filter {
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
HttpServletResponse res = (HttpServletResponse) response;
res.addHeader("Access-Control-Allow-Credentials", "true");
res.addHeader("Access-Control-Allow-Origin", "*");
res.addHeader("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT");
res.addHeader("Access-Control-Allow-Headers", "Content-Type,X-CAF-Authorization-Token,sessionToken,X-TOKEN");
if (((HttpServletRequest) request).getMethod().equals("OPTIONS")) {
response.getWriter().println("ok");
return;
}
chain.doFilter(request, response);
}
@Override
public void destroy() {
}
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
}
本站资源均来自互联网,仅供研究学习,禁止违法使用和商用,产生法律纠纷本站概不负责!如果侵犯了您的权益请与我们联系!
转载请注明出处: 免费源码网-免费的源码资源网站 » Nginx Spring boot指定域名跨域设置
发表评论 取消回复