From d45036614d4f0e5354975d8de65c83e6118fc960 Mon Sep 17 00:00:00 2001
From: xuhy <3313886187@qq.com>
Date: 星期四, 02 一月 2025 14:21:20 +0800
Subject: [PATCH] 跨域
---
common/src/main/java/com/jilongda/common/config/CorsConfig.java | 69 ++++++++++++++++++++++++----------
1 files changed, 48 insertions(+), 21 deletions(-)
diff --git a/common/src/main/java/com/jilongda/common/config/CorsConfig.java b/common/src/main/java/com/jilongda/common/config/CorsConfig.java
index 5550eff..4049bb5 100644
--- a/common/src/main/java/com/jilongda/common/config/CorsConfig.java
+++ b/common/src/main/java/com/jilongda/common/config/CorsConfig.java
@@ -1,10 +1,25 @@
package com.jilongda.common.config;
+import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpMethod;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.MediaType;
+import org.springframework.http.server.reactive.ServerHttpRequest;
+import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
+import org.springframework.web.cors.reactive.CorsUtils;
import org.springframework.web.filter.CorsFilter;
+import org.springframework.web.server.ServerWebExchange;
+import org.springframework.web.server.WebFilter;
+import org.springframework.web.server.WebFilterChain;
+import org.springframework.web.servlet.function.RequestPredicates;
+import org.springframework.web.servlet.function.RouterFunction;
+import org.springframework.web.servlet.function.RouterFunctions;
+import reactor.core.publisher.Mono;
import java.util.Collections;
@@ -24,30 +39,42 @@
*/
@Configuration
public class CorsConfig {
- private CorsConfiguration buildConfig() {
- CorsConfiguration corsConfiguration = new CorsConfiguration();
- //1.允许任何来源
- corsConfiguration.setAllowedOriginPatterns(Collections.singletonList("*"));
- //2.允许任何请求头
- corsConfiguration.addAllowedHeader(CorsConfiguration.ALL);
- //3.允许任何方法
- corsConfiguration.addAllowedMethod(CorsConfiguration.ALL);
- //4.允许凭证
- corsConfiguration.setAllowCredentials(true);
+ /**
+ * 这里为支持的请求头,如果有自定义的header字段请自己添加
+ */
+ private static final String ALLOWED_HEADERS = "X-Requested-With, Content-Type, Authorization, credential, X-XSRF-TOKEN, token, username, client, request-origion";
+ private static final String ALLOWED_METHODS = "GET,POST,PUT,DELETE";
+ private static final String ALLOWED_ORIGIN = "*";
+ private static final String ALLOWED_EXPOSE = "*";
+ private static final String MAX_AGE = "18000L";
-
-
- return corsConfiguration;
- }
-
+ /**
+ * 跨域配置
+ */
@Bean
- public CorsFilter corsFilter() {
- UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
- // 对接口配置跨域设置
-// source.registerCorsConfiguration("/v2/api-docs/**", buildConfig());
- source.registerCorsConfiguration("/**", buildConfig());
- return new CorsFilter(source);
+ public WebFilter corsFilter()
+ {
+ return (ServerWebExchange ctx, WebFilterChain chain) -> {
+ ServerHttpRequest request = ctx.getRequest();
+ if (CorsUtils.isCorsRequest(request))
+ {
+ ServerHttpResponse response = ctx.getResponse();
+ HttpHeaders headers = response.getHeaders();
+ headers.add("Access-Control-Allow-Headers", ALLOWED_HEADERS);
+ headers.add("Access-Control-Allow-Methods", ALLOWED_METHODS);
+ headers.add("Access-Control-Allow-Origin", ALLOWED_ORIGIN);
+ headers.add("Access-Control-Expose-Headers", ALLOWED_EXPOSE);
+ headers.add("Access-Control-Max-Age", MAX_AGE);
+ headers.add("Access-Control-Allow-Credentials", "false");
+ if (request.getMethod() == HttpMethod.OPTIONS)
+ {
+ response.setStatusCode(HttpStatus.OK);
+ return Mono.empty();
+ }
+ }
+ return chain.filter(ctx);
+ };
}
}
--
Gitblit v1.7.1