Springboot Resolving cross-domain issues (Cors)

1, for the front-end separation of the project, if the front-end project and the back-end project deployed in two different domains, it will inevitably cause cross-domain problems.

For cross-domain issues, the first solution we might think of is JSONP, and I deal with cross-domain issues before.

But the JSONP way is also inadequate, whether for the front end or back end, the wording and our usual Ajax wording, the same backend needs to make corresponding changes. Also, the Jsonp method can only pass parameters through get requests, and of course there are other shortcomings,

The JQuery Ajax approach initiates cross-domain requests with the JSONP type, in the same way as a <script> script request, so you can only use get to initiate cross-domain requests when using JSONP. Cross-domain requests require a server-side mate, set up callback, to complete cross-domain requests.

In view of this, I did not rush to use the JSONP approach to solve cross-domain problems, to find other ways on the Internet, which is the main point of this article, in the Springboot through the Cors protocol to solve cross-domain problems.

2. Cors protocol

New features in H5: Cross-origin Resource Sharing (cross-domain resource sharing). Through it, our developers (primarily back-end developers) can determine whether resources can be accessed across domains.

Cors is a standard that allows browsers (currently IE8 below) to make XMLHttpRequest requests like our non-homologous servers, and we can continue to use AJAX for request access.

Specific about the Cors protocol article, you can refer to http://www.ruanyifeng.com/blog/2016/04/cors.html This article, speak pretty good.

3. Springboot Solution

A. Create a filter to resolve the cross-domain.

@Componentpublic class Simplecorsfilter implements Filter {public    void DoFilter (ServletRequest req, Servletresponse Res, Filterchain chain) throws IOException, servletexception {        httpservletresponse response = ( HttpServletResponse) Res;        Response.setheader ("Access-control-allow-origin", "*");        Response.setheader ("Access-control-allow-methods", "POST, GET, OPTIONS, DELETE, HEAD");        Response.setheader ("Access-control-max-age", "3600");        Response.setheader ("Access-control-allow-headers", "Access-control-allow-origin, authority, Content-type, Version-info, X-requested-with ");        Chain.dofilter (req, res);    }    public void init (Filterconfig filterconfig) {} public    void Destroy () {}}

B. Cross-domain to join cors based on Webmvcconfigureradapter configuration

Import org.springframework.context.annotation.Configuration;  Import Org.springframework.web.servlet.config.annotation.CorsRegistry;  Import Org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;  @Configuration public  class Corsconfig extends Webmvcconfigureradapter {      @Override public      Void Addcorsmappings (Corsregistry registry) {          registry.addmapping ("/**").                  allowedorigins ("*")                  . Allowcredentials (True)                  . Allowedmethods ("GET", "POST", "DELETE", "PUT")                  . MaxAge (3600);      }  }

If you want to be more detailed, you can use the @crossorigin annotation in the controller class.

@CrossOrigin (Origins = "http://192.168.1.10:8080", MaxAge = 3600) @RequestMapping ("Rest_index") @RestControllerpublic Class indexcontroller{

This allows you to specify that all methods in the controller can handle requests from http:19.168.1.10:8080.

The first filter scheme also supports SPRINGMVC.

The second type is commonly used in springboot.

Springboot Resolving cross-domain issues (Cors)