AI 助理
备案控制台
开发者社区 开发与运维 文章 正文

Java - 探究前后分离带来的跨域问题

2024-01-02 54
版权
版权声明:
本文内容由阿里云实名注册用户自发贡献,版权归原作者所有,阿里云开发者社区不拥有其著作权,亦不承担相应法律责任。具体规则请查看《 阿里云开发者社区用户服务协议》和 《阿里云开发者社区知识产权保护指引》。如果您发现本社区中有涉嫌抄袭的内容,填写 侵权投诉表单进行举报,一经查实,本社区将立刻删除涉嫌侵权内容。
简介: Java - 探究前后分离带来的跨域问题

为什么会产生跨域问题

1995年,Netscape 公司出于安全的考虑在浏览器中引入了“同源策略”。

跨域问题只出现在浏览器访问的页面,因为这是浏览器为了保户用户安全而制造的策略。假如没有这层保护,网站就很容易受到跨站伪造请求(CSRF)的攻击。

同源策略 (Same-origin policy)

浏览器端对请求的处理中,如果两个 URL 的协议、域名和端口都相同,我们就称这两个URL 同源

我们来举几个例子

同源

http://www.xxxx.com/index
  http://www.xxxx.com/module/path1

非同源

http://www.xxxx.com/index
 https://www.xxxx.com/module/path1
http://www.xxxx.com/index
 http://www.yyyy.com/module/path1
http://www.xxxx.com/index
 http://www.xxxx.com:8081/module/path1

两个相同的源之间浏览器默认其是可以相互访问资源和操作 DOM 的。两个不同的源之间若想要相互访问资源或者操作 DOM,那么会有一套基础的安全策略的制约。

  • 安全性: 浏览器要防止当前站点的私密数据不会向其他站点发送

如当前站点的Cookie,LocalStorage,IndexDb 不会被发送到其他站点或被其他站点脚本读取到。

无法跨域获取Dom,无法发送Ajax请求。

  • 可用性:大型站点的图片,音视频等资源,希望部署在独立服务器上,为缓解当前服务的压力,开放某些特定的方式,访问非同源站点

如:

<img><iframe><link><vedio></code>等,可以同src属性跨域访问 允许跨域提交表单/或<a href="https://so.csdn.net/so/search?spm=a2c6h.13046898.publish-article.37.59046ffaXBLh11&q=%E9%87%8D%E5%AE%9A%E5%90%91" target="_blank">重定向</a>请求</div></blockquote><div><span data-card-type="inline" data-ready-card="image" data-card-value="data:%7B%22src%22%3A%22https%3A%2F%2Fucc.alicdn.com%2Fpic%2Fdeveloper-ecology%2F2gjpvgln6kp4w_1be1d14310844280a7c482336f130d76.gif%22%2C%22originWidth%22%3A240%2C%22originHeight%22%3A240%2C%22size%22%3A0%2C%22display%22%3A%22inline%22%2C%22align%22%3A%22left%22%2C%22linkTarget%22%3A%22_blank%22%2C%22status%22%3A%22done%22%2C%22style%22%3A%22none%22%2C%22search%22%3A%22%22%2C%22margin%22%3A%7B%22top%22%3Afalse%2C%22bottom%22%3Afalse%7D%2C%22width%22%3A240%2C%22height%22%3A240%7D"></span></div><div data-card-type="block" data-ready-card="hr"></div><h2 id="YtoJi"><a name="t3"></a><a></a>解决方案</h2><h3 id="BBsAq"><a name="t4"></a><a></a>服务端解决方案</h3><div>跨域请求分两种情况</div><h4 id="bay7t"><a name="t5"></a><a></a>简单请求</h4><ol><li>请求方法使用GET/HEAD/POST请求之一</li><li>仅能使用CORS安全的头部,Accept,Accept-Language, Content-Language,Content-Type</li><li>Content-Type的值只能是:text/plain,multipart/form-data,application/x-www-form-urlencoded三者其中之一</li></ol><div><span data-card-type="inline" data-ready-card="image" data-card-value="data:%7B%22src%22%3A%22https%3A%2F%2Fucc.alicdn.com%2Fpic%2Fdeveloper-ecology%2F2gjpvgln6kp4w_bdd9408b17484971aefaba47c8be261c.png%22%2C%22originWidth%22%3A1078%2C%22originHeight%22%3A365%2C%22size%22%3A0%2C%22display%22%3A%22inline%22%2C%22align%22%3A%22left%22%2C%22linkTarget%22%3A%22_blank%22%2C%22status%22%3A%22done%22%2C%22style%22%3A%22none%22%2C%22search%22%3A%22%22%2C%22margin%22%3A%7B%22top%22%3Afalse%2C%22bottom%22%3Afalse%7D%2C%22width%22%3A1078%2C%22height%22%3A365%7D"></span></div><div>请求从domain a 发过来, 请求到web domain b , 如果这个时候domain b 返回一个允许,可以解决这个问题。</div><div>服务端解决方案: 在http响应头中添加 Access-Control-Allow-Origin 头,值为信任的站点</div><div><span data-card-type="inline" data-ready-card="image" data-card-value="data:%7B%22src%22%3A%22https%3A%2F%2Fucc.alicdn.com%2Fpic%2Fdeveloper-ecology%2F2gjpvgln6kp4w_26e8e202253744d0b4d6827d421c0c7b.png%22%2C%22originWidth%22%3A946%2C%22originHeight%22%3A196%2C%22size%22%3A0%2C%22display%22%3A%22inline%22%2C%22align%22%3A%22left%22%2C%22linkTarget%22%3A%22_blank%22%2C%22status%22%3A%22done%22%2C%22style%22%3A%22none%22%2C%22search%22%3A%22%22%2C%22margin%22%3A%7B%22top%22%3Afalse%2C%22bottom%22%3Afalse%7D%2C%22width%22%3A946%2C%22height%22%3A196%7D"></span></div><div data-card-type="block" data-ready-card="hr"></div><h4 id="WZL6J"><a name="t6"></a><a></a>复杂请求</h4><div><strong>不符合简单请求条件的即为复杂请求,访问跨域资源前,需要发起preflight预检请求(OPTIONS请求)询问何种请求是被允许的,预检请求失败,则不会发起正式的业务请求,预检请求成功,然后发起正式请求。</strong></div><div><span data-card-type="inline" data-ready-card="image" data-card-value="data:%7B%22src%22%3A%22https%3A%2F%2Fucc.alicdn.com%2Fpic%2Fdeveloper-ecology%2F2gjpvgln6kp4w_9b32e9bf47d54e5fb125bb8c2ea3ac56.png%22%2C%22originWidth%22%3A1485%2C%22originHeight%22%3A1067%2C%22size%22%3A0%2C%22display%22%3A%22inline%22%2C%22align%22%3A%22left%22%2C%22linkTarget%22%3A%22_blank%22%2C%22status%22%3A%22done%22%2C%22style%22%3A%22none%22%2C%22search%22%3A%22%22%2C%22margin%22%3A%7B%22top%22%3Afalse%2C%22bottom%22%3Afalse%7D%2C%22width%22%3A1485%2C%22height%22%3A1067%7D"></span></div><div><span data-card-type="inline" data-ready-card="image" data-card-value="data:%7B%22src%22%3A%22https%3A%2F%2Fucc.alicdn.com%2Fpic%2Fdeveloper-ecology%2F2gjpvgln6kp4w_e25521050a664692a623a4529997649c.png%22%2C%22originWidth%22%3A240%2C%22originHeight%22%3A218%2C%22size%22%3A0%2C%22display%22%3A%22inline%22%2C%22align%22%3A%22left%22%2C%22linkTarget%22%3A%22_blank%22%2C%22status%22%3A%22done%22%2C%22style%22%3A%22none%22%2C%22search%22%3A%22%22%2C%22margin%22%3A%7B%22top%22%3Afalse%2C%22bottom%22%3Afalse%7D%2C%22width%22%3A240%2C%22height%22%3A218%7D"></span></div><div data-card-type="block" data-ready-card="hr"></div><h4 id="O8CZi"><a name="t7"></a><a></a>测试</h4><div>随便写个spring boot 的工程,启动2个端口 一个8080 一个8081 ,访问8080的页面,调用8081的后台服务 , 用来测试</div><div><span data-card-type="inline" data-ready-card="image" data-card-value="data:%7B%22src%22%3A%22https%3A%2F%2Fucc.alicdn.com%2Fpic%2Fdeveloper-ecology%2F2gjpvgln6kp4w_4752170c8cc94d59bbe7de17dad1aae9.png%22%2C%22originWidth%22%3A896%2C%22originHeight%22%3A119%2C%22size%22%3A0%2C%22display%22%3A%22inline%22%2C%22align%22%3A%22left%22%2C%22linkTarget%22%3A%22_blank%22%2C%22status%22%3A%22done%22%2C%22style%22%3A%22none%22%2C%22search%22%3A%22%22%2C%22margin%22%3A%7B%22top%22%3Afalse%2C%22bottom%22%3Afalse%7D%2C%22width%22%3A896%2C%22height%22%3A119%7D"></span></div><h5 id="AnV04"><a></a>简单请求测试</h5><div>来看第一个</div><div>CASE1: 【GET请求】</div><div><span data-card-type="inline" data-ready-card="image" data-card-value="data:%7B%22src%22%3A%22https%3A%2F%2Fucc.alicdn.com%2Fpic%2Fdeveloper-ecology%2F2gjpvgln6kp4w_8824bfc0d3e04b67809742d74fcdaa57.png%22%2C%22originWidth%22%3A863%2C%22originHeight%22%3A507%2C%22size%22%3A0%2C%22display%22%3A%22inline%22%2C%22align%22%3A%22left%22%2C%22linkTarget%22%3A%22_blank%22%2C%22status%22%3A%22done%22%2C%22style%22%3A%22none%22%2C%22search%22%3A%22%22%2C%22margin%22%3A%7B%22top%22%3Afalse%2C%22bottom%22%3Afalse%7D%2C%22width%22%3A863%2C%22height%22%3A507%7D"></span></div><div>点击访问</div><div><span data-card-type="inline" data-ready-card="image" data-card-value="data:%7B%22src%22%3A%22https%3A%2F%2Fucc.alicdn.com%2Fpic%2Fdeveloper-ecology%2F2gjpvgln6kp4w_4270b9b06c1b4515959088f51a52e605.png%22%2C%22originWidth%22%3A1040%2C%22originHeight%22%3A108%2C%22size%22%3A0%2C%22display%22%3A%22inline%22%2C%22align%22%3A%22left%22%2C%22linkTarget%22%3A%22_blank%22%2C%22status%22%3A%22done%22%2C%22style%22%3A%22none%22%2C%22search%22%3A%22%22%2C%22margin%22%3A%7B%22top%22%3Afalse%2C%22bottom%22%3Afalse%7D%2C%22width%22%3A1040%2C%22height%22%3A108%7D"></span></div><div>服务端后台的代码</div><div><span data-card-type="inline" data-ready-card="image" data-card-value="data:%7B%22src%22%3A%22https%3A%2F%2Fucc.alicdn.com%2Fpic%2Fdeveloper-ecology%2F2gjpvgln6kp4w_2648db02011a4a339c0b838ed35f7cdb.png%22%2C%22originWidth%22%3A905%2C%22originHeight%22%3A179%2C%22size%22%3A0%2C%22display%22%3A%22inline%22%2C%22align%22%3A%22left%22%2C%22linkTarget%22%3A%22_blank%22%2C%22status%22%3A%22done%22%2C%22style%22%3A%22none%22%2C%22search%22%3A%22%22%2C%22margin%22%3A%7B%22top%22%3Afalse%2C%22bottom%22%3Afalse%7D%2C%22width%22%3A905%2C%22height%22%3A179%7D"></span></div><div>添加</div><div data-card-type="block" data-ready-card="codeblock" data-card-value="data:%7B%22mode%22%3A%22plain%22%2C%22code%22%3A%22response.addHeader(%5C%22Access-Control-Allow_origin%5C%22%2C%5C%22http%3A%2F%2Flocalhost%3A8080%5C%22)%3B%5Cn%E2%80%A2%201%22%2C%22id%22%3A%22qj91P%22%7D"></div><div>重启后, 重新测试</div><div><span data-card-type="inline" data-ready-card="image" data-card-value="data:%7B%22src%22%3A%22https%3A%2F%2Fucc.alicdn.com%2Fpic%2Fdeveloper-ecology%2F2gjpvgln6kp4w_4606006186124c3d84280347b16a59ee.png%22%2C%22originWidth%22%3A774%2C%22originHeight%22%3A279%2C%22size%22%3A0%2C%22display%22%3A%22inline%22%2C%22align%22%3A%22left%22%2C%22linkTarget%22%3A%22_blank%22%2C%22status%22%3A%22done%22%2C%22style%22%3A%22none%22%2C%22search%22%3A%22%22%2C%22margin%22%3A%7B%22top%22%3Afalse%2C%22bottom%22%3Afalse%7D%2C%22width%22%3A774%2C%22height%22%3A279%7D"></span></div><div data-card-type="block" data-ready-card="hr"></div><div>CASE2: 【表单请求】</div><div><span data-card-type="inline" data-ready-card="image" data-card-value="data:%7B%22src%22%3A%22https%3A%2F%2Fucc.alicdn.com%2Fpic%2Fdeveloper-ecology%2F2gjpvgln6kp4w_fd99e2823a344161abefbcd28dacc89d.png%22%2C%22originWidth%22%3A975%2C%22originHeight%22%3A357%2C%22size%22%3A0%2C%22display%22%3A%22inline%22%2C%22align%22%3A%22left%22%2C%22linkTarget%22%3A%22_blank%22%2C%22status%22%3A%22done%22%2C%22style%22%3A%22none%22%2C%22search%22%3A%22%22%2C%22margin%22%3A%7B%22top%22%3Afalse%2C%22bottom%22%3Afalse%7D%2C%22width%22%3A975%2C%22height%22%3A357%7D"></span></div><div>目前的后端代码</div><div><span data-card-type="inline" data-ready-card="image" data-card-value="data:%7B%22src%22%3A%22https%3A%2F%2Fucc.alicdn.com%2Fpic%2Fdeveloper-ecology%2F2gjpvgln6kp4w_d5d02e14d29743e3a771d3a2a9ea82cc.png%22%2C%22originWidth%22%3A1004%2C%22originHeight%22%3A177%2C%22size%22%3A0%2C%22display%22%3A%22inline%22%2C%22align%22%3A%22left%22%2C%22linkTarget%22%3A%22_blank%22%2C%22status%22%3A%22done%22%2C%22style%22%3A%22none%22%2C%22search%22%3A%22%22%2C%22margin%22%3A%7B%22top%22%3Afalse%2C%22bottom%22%3Afalse%7D%2C%22width%22%3A1004%2C%22height%22%3A177%7D"></span></div><div>来 测试走一波</div><div><span data-card-type="inline" data-ready-card="image" data-card-value="data:%7B%22src%22%3A%22https%3A%2F%2Fucc.alicdn.com%2Fpic%2Fdeveloper-ecology%2F2gjpvgln6kp4w_1bee980a1f884131ab57597f47ca6ed8.png%22%2C%22originWidth%22%3A1019%2C%22originHeight%22%3A122%2C%22size%22%3A0%2C%22display%22%3A%22inline%22%2C%22align%22%3A%22left%22%2C%22linkTarget%22%3A%22_blank%22%2C%22status%22%3A%22done%22%2C%22style%22%3A%22none%22%2C%22search%22%3A%22%22%2C%22margin%22%3A%7B%22top%22%3Afalse%2C%22bottom%22%3Afalse%7D%2C%22width%22%3A1019%2C%22height%22%3A122%7D"></span></div><div><span data-card-type="inline" data-ready-card="image" data-card-value="data:%7B%22src%22%3A%22https%3A%2F%2Fucc.alicdn.com%2Fpic%2Fdeveloper-ecology%2F2gjpvgln6kp4w_bc1e89d30ad34066969c1f44991a41df.png%22%2C%22originWidth%22%3A190%2C%22originHeight%22%3A190%2C%22size%22%3A0%2C%22display%22%3A%22inline%22%2C%22align%22%3A%22left%22%2C%22linkTarget%22%3A%22_blank%22%2C%22status%22%3A%22done%22%2C%22style%22%3A%22none%22%2C%22search%22%3A%22%22%2C%22margin%22%3A%7B%22top%22%3Afalse%2C%22bottom%22%3Afalse%7D%2C%22width%22%3A190%2C%22height%22%3A190%7D"></span></div><div><span data-card-type="inline" data-ready-card="image" data-card-value="data:%7B%22src%22%3A%22https%3A%2F%2Fucc.alicdn.com%2Fpic%2Fdeveloper-ecology%2F2gjpvgln6kp4w_7bc9f0558c2048858f3095bac5bf6f85.png%22%2C%22originWidth%22%3A936%2C%22originHeight%22%3A182%2C%22size%22%3A0%2C%22display%22%3A%22inline%22%2C%22align%22%3A%22left%22%2C%22linkTarget%22%3A%22_blank%22%2C%22status%22%3A%22done%22%2C%22style%22%3A%22none%22%2C%22search%22%3A%22%22%2C%22margin%22%3A%7B%22top%22%3Afalse%2C%22bottom%22%3Afalse%7D%2C%22width%22%3A936%2C%22height%22%3A182%7D"></span></div><div><span data-card-type="inline" data-ready-card="image" data-card-value="data:%7B%22src%22%3A%22https%3A%2F%2Fucc.alicdn.com%2Fpic%2Fdeveloper-ecology%2F2gjpvgln6kp4w_a09e55a9d76147ad9afe3b99a265ce50.png%22%2C%22originWidth%22%3A300%2C%22originHeight%22%3A277%2C%22size%22%3A0%2C%22display%22%3A%22inline%22%2C%22align%22%3A%22left%22%2C%22linkTarget%22%3A%22_blank%22%2C%22status%22%3A%22done%22%2C%22style%22%3A%22none%22%2C%22search%22%3A%22%22%2C%22margin%22%3A%7B%22top%22%3Afalse%2C%22bottom%22%3Afalse%7D%2C%22width%22%3A300%2C%22height%22%3A277%7D"></span></div><div>重启重新测试 , OK</div><div data-card-type="block" data-ready-card="hr"></div><h5 id="GUG9V"><a></a>复杂请求测试</h5><div>【复杂请求】</div><div><span data-card-type="inline" data-ready-card="image" data-card-value="data:%7B%22src%22%3A%22https%3A%2F%2Fucc.alicdn.com%2Fpic%2Fdeveloper-ecology%2F2gjpvgln6kp4w_6d198344f1dc40a98ae2d6736f93c0f3.png%22%2C%22originWidth%22%3A766%2C%22originHeight%22%3A370%2C%22size%22%3A0%2C%22display%22%3A%22inline%22%2C%22align%22%3A%22left%22%2C%22linkTarget%22%3A%22_blank%22%2C%22status%22%3A%22done%22%2C%22style%22%3A%22none%22%2C%22search%22%3A%22%22%2C%22margin%22%3A%7B%22top%22%3Afalse%2C%22bottom%22%3Afalse%7D%2C%22width%22%3A766%2C%22height%22%3A370%7D"></span></div><div><strong>和上面Case2的请求一模一样,除了 Content-Type , 那 还能用上面的添加响应头解决吗?<br />答案是不能的。。。。。</strong></div><div>我们用wireshark来跟踪下 option 预检的 请求</div><div><span data-card-type="inline" data-ready-card="image" data-card-value="data:%7B%22src%22%3A%22https%3A%2F%2Fucc.alicdn.com%2Fpic%2Fdeveloper-ecology%2F2gjpvgln6kp4w_60f8e4de8a244008ad272a63f976aa47.png%22%2C%22originWidth%22%3A1403%2C%22originHeight%22%3A250%2C%22size%22%3A0%2C%22display%22%3A%22inline%22%2C%22align%22%3A%22left%22%2C%22linkTarget%22%3A%22_blank%22%2C%22status%22%3A%22done%22%2C%22style%22%3A%22none%22%2C%22search%22%3A%22%22%2C%22margin%22%3A%7B%22top%22%3Afalse%2C%22bottom%22%3Afalse%7D%2C%22width%22%3A1403%2C%22height%22%3A250%7D"></span></div><div>Spring Boot 官方给出了解决方案</div><div><span data-card-type="inline" data-ready-card="image" data-card-value="data:%7B%22src%22%3A%22https%3A%2F%2Fucc.alicdn.com%2Fpic%2Fdeveloper-ecology%2F2gjpvgln6kp4w_7f412873315d4542b39764132dcfb240.png%22%2C%22originWidth%22%3A703%2C%22originHeight%22%3A689%2C%22size%22%3A0%2C%22display%22%3A%22inline%22%2C%22align%22%3A%22left%22%2C%22linkTarget%22%3A%22_blank%22%2C%22status%22%3A%22done%22%2C%22style%22%3A%22none%22%2C%22search%22%3A%22%22%2C%22margin%22%3A%7B%22top%22%3Afalse%2C%22bottom%22%3Afalse%7D%2C%22width%22%3A703%2C%22height%22%3A689%7D"></span></div><div>我们就看全局的这个配置吧</div><div><span data-card-type="inline" data-ready-card="image" data-card-value="data:%7B%22src%22%3A%22https%3A%2F%2Fucc.alicdn.com%2Fpic%2Fdeveloper-ecology%2F2gjpvgln6kp4w_90792569c5e44841afdd7529ad4a3fb8.png%22%2C%22originWidth%22%3A646%2C%22originHeight%22%3A760%2C%22size%22%3A0%2C%22display%22%3A%22inline%22%2C%22align%22%3A%22left%22%2C%22linkTarget%22%3A%22_blank%22%2C%22status%22%3A%22done%22%2C%22style%22%3A%22none%22%2C%22search%22%3A%22%22%2C%22margin%22%3A%7B%22top%22%3Afalse%2C%22bottom%22%3Afalse%7D%2C%22width%22%3A646%2C%22height%22%3A760%7D"></span></div><div><span data-card-type="inline" data-ready-card="image" data-card-value="data:%7B%22src%22%3A%22https%3A%2F%2Fucc.alicdn.com%2Fpic%2Fdeveloper-ecology%2F2gjpvgln6kp4w_aa65e1c03b8643bb95503a09174491a0.png%22%2C%22originWidth%22%3A1061%2C%22originHeight%22%3A271%2C%22size%22%3A0%2C%22display%22%3A%22inline%22%2C%22align%22%3A%22left%22%2C%22linkTarget%22%3A%22_blank%22%2C%22status%22%3A%22done%22%2C%22style%22%3A%22none%22%2C%22search%22%3A%22%22%2C%22margin%22%3A%7B%22top%22%3Afalse%2C%22bottom%22%3Afalse%7D%2C%22width%22%3A1061%2C%22height%22%3A271%7D"></span></div><div>请求下 跟踪下</div><div><span data-card-type="inline" data-ready-card="image" data-card-value="data:%7B%22src%22%3A%22https%3A%2F%2Fucc.alicdn.com%2Fpic%2Fdeveloper-ecology%2F2gjpvgln6kp4w_3da8320c6b0145e08112b87a0b475caf.png%22%2C%22originWidth%22%3A803%2C%22originHeight%22%3A170%2C%22size%22%3A0%2C%22display%22%3A%22inline%22%2C%22align%22%3A%22left%22%2C%22linkTarget%22%3A%22_blank%22%2C%22status%22%3A%22done%22%2C%22style%22%3A%22none%22%2C%22search%22%3A%22%22%2C%22margin%22%3A%7B%22top%22%3Afalse%2C%22bottom%22%3Afalse%7D%2C%22width%22%3A803%2C%22height%22%3A170%7D"></span></div><div>good</div><div><span data-card-type="inline" data-ready-card="image" data-card-value="data:%7B%22src%22%3A%22https%3A%2F%2Fucc.alicdn.com%2Fpic%2Fdeveloper-ecology%2F2gjpvgln6kp4w_4ff8953b700845758eebeb847295e675.png%22%2C%22originWidth%22%3A568%2C%22originHeight%22%3A547%2C%22size%22%3A0%2C%22display%22%3A%22inline%22%2C%22align%22%3A%22left%22%2C%22linkTarget%22%3A%22_blank%22%2C%22status%22%3A%22done%22%2C%22style%22%3A%22none%22%2C%22search%22%3A%22%22%2C%22margin%22%3A%7B%22top%22%3Afalse%2C%22bottom%22%3Afalse%7D%2C%22width%22%3A568%2C%22height%22%3A547%7D"></span></div><div data-card-type="block" data-ready-card="hr"></div><div data-card-type="block" data-ready-card="hr"></div><h3 id="HIBzR"><a name="t8"></a><a></a>代理服务器,反向代理接口请求</h3><div data-card-type="block" data-ready-card="codeblock" data-card-value="data:%7B%22mode%22%3A%22plain%22%2C%22code%22%3A%22location%20%2Fapi%20%7B%5Cn%20%20%20rewrite%20%5E%2Fapi%2F(.*)%24%20%2F%241%20break%3B%5Cn%20%20%20proxy_pass%20http%3A%2F%2Flocalhost%3A8081%2F%3B%5Cn%20%7D%5Cn%E2%80%A2%201%5Cn%E2%80%A2%202%5Cn%E2%80%A2%203%5Cn%E2%80%A2%204%22%2C%22id%22%3A%22i31kI%22%7D"></div><div><span data-card-type="inline" data-ready-card="image" data-card-value="data:%7B%22src%22%3A%22https%3A%2F%2Fucc.alicdn.com%2Fpic%2Fdeveloper-ecology%2F2gjpvgln6kp4w_c844a62b6cbc4779a724622c6f83de6a.png%22%2C%22originWidth%22%3A863%2C%22originHeight%22%3A839%2C%22size%22%3A0%2C%22display%22%3A%22inline%22%2C%22align%22%3A%22left%22%2C%22linkTarget%22%3A%22_blank%22%2C%22status%22%3A%22done%22%2C%22style%22%3A%22none%22%2C%22search%22%3A%22%22%2C%22margin%22%3A%7B%22top%22%3Afalse%2C%22bottom%22%3Afalse%7D%2C%22width%22%3A863%2C%22height%22%3A839%7D"></span></div><div><strong>说一下为什要rewrite, 因为 api 这个前缀仅仅用于前台页面发请求时候携带, 后台并没有 api这个context, 所以需要在nnginx 通过rewrite机制来将api 替换掉 。</strong></div><div data-card-type="block" data-ready-card="codeblock" data-card-value="data:%7B%22mode%22%3A%22plain%22%2C%22code%22%3A%22rewrite%20%5E%2Fapi%2F(.*)%24%20%2F%241%20break%3B%5Cn%E2%80%A2%201%22%2C%22id%22%3A%221mp7a%22%7D"></div><div>这个就是 一 /api开头的请求, 替换为 $1 , 这个$1就是 请求中/api后面的内容, break 即为 匹配到则不往后面找了。</div><div><span data-card-type="inline" data-ready-card="image" data-card-value="data:%7B%22src%22%3A%22https%3A%2F%2Fucc.alicdn.com%2Fpic%2Fdeveloper-ecology%2F2gjpvgln6kp4w_05d3b9e008ab4b53bc4c931f25bb0de1.png%22%2C%22originWidth%22%3A240%2C%22originHeight%22%3A233%2C%22size%22%3A0%2C%22display%22%3A%22inline%22%2C%22align%22%3A%22left%22%2C%22linkTarget%22%3A%22_blank%22%2C%22status%22%3A%22done%22%2C%22style%22%3A%22none%22%2C%22search%22%3A%22%22%2C%22margin%22%3A%7B%22top%22%3Afalse%2C%22bottom%22%3Afalse%7D%2C%22width%22%3A240%2C%22height%22%3A233%7D"></span></div><div data-card-type="block" data-ready-card="hr"></div><h3 id="YbQii"><a name="t9"></a><a></a>jsonp 方式</h3><div>基于</div><div>可用性:大型站点的图片,音视频等资源,希望部署在独立服务器上,为缓解当前服务的压力,开放某些特定的方式,访问非同源站点 。</div><div>如:<code><script><img><iframe><link><vedio></code>等,可以同src属性跨域访问 允许跨域提交表单/或重定向请求</div><div><span data-card-type="inline" data-ready-card="image" data-card-value="data:%7B%22src%22%3A%22https%3A%2F%2Fucc.alicdn.com%2Fpic%2Fdeveloper-ecology%2F2gjpvgln6kp4w_21455ffc859b49418a9fa096bde81036.png%22%2C%22originWidth%22%3A489%2C%22originHeight%22%3A239%2C%22size%22%3A0%2C%22display%22%3A%22inline%22%2C%22align%22%3A%22left%22%2C%22linkTarget%22%3A%22_blank%22%2C%22status%22%3A%22done%22%2C%22style%22%3A%22none%22%2C%22search%22%3A%22%22%2C%22margin%22%3A%7B%22top%22%3Afalse%2C%22bottom%22%3Afalse%7D%2C%22width%22%3A489%2C%22height%22%3A239%7D"></span></div><div><span data-card-type="inline" data-ready-card="image" data-card-value="data:%7B%22src%22%3A%22https%3A%2F%2Fucc.alicdn.com%2Fpic%2Fdeveloper-ecology%2F2gjpvgln6kp4w_23ad42b0b41d46ac92348c6ecb9f7899.png%22%2C%22originWidth%22%3A865%2C%22originHeight%22%3A680%2C%22size%22%3A0%2C%22display%22%3A%22inline%22%2C%22align%22%3A%22left%22%2C%22linkTarget%22%3A%22_blank%22%2C%22status%22%3A%22done%22%2C%22style%22%3A%22none%22%2C%22search%22%3A%22%22%2C%22margin%22%3A%7B%22top%22%3Afalse%2C%22bottom%22%3Afalse%7D%2C%22width%22%3A865%2C%22height%22%3A680%7D"></span></div><div>后台代码</div><div><span data-card-type="inline" data-ready-card="image" data-card-value="data:%7B%22src%22%3A%22https%3A%2F%2Fucc.alicdn.com%2Fpic%2Fdeveloper-ecology%2F2gjpvgln6kp4w_7d92ab5f730c43fb80f1be43be00473a.png%22%2C%22originWidth%22%3A730%2C%22originHeight%22%3A200%2C%22size%22%3A0%2C%22display%22%3A%22inline%22%2C%22align%22%3A%22left%22%2C%22linkTarget%22%3A%22_blank%22%2C%22status%22%3A%22done%22%2C%22style%22%3A%22none%22%2C%22search%22%3A%22%22%2C%22margin%22%3A%7B%22top%22%3Afalse%2C%22bottom%22%3Afalse%7D%2C%22width%22%3A730%2C%22height%22%3A200%7D"></span></div><div>测试走一波</div><div><span data-card-type="inline" data-ready-card="image" data-card-value="data:%7B%22src%22%3A%22https%3A%2F%2Fucc.alicdn.com%2Fpic%2Fdeveloper-ecology%2F2gjpvgln6kp4w_7d1535ebcc48400cb4eb5e7ee2152702.png%22%2C%22originWidth%22%3A1442%2C%22originHeight%22%3A325%2C%22size%22%3A0%2C%22display%22%3A%22inline%22%2C%22align%22%3A%22left%22%2C%22linkTarget%22%3A%22_blank%22%2C%22status%22%3A%22done%22%2C%22style%22%3A%22none%22%2C%22search%22%3A%22%22%2C%22margin%22%3A%7B%22top%22%3Afalse%2C%22bottom%22%3Afalse%7D%2C%22width%22%3A1442%2C%22height%22%3A325%7D"></span></div><div><strong>了解下就行了,实际中很少会用到jsonp来解决跨域问题</strong></div><div><br /></div>


文章标签:
Java
JavaScript
安全
前端开发
关键词:
Java跨域
Java分离
Java跨域问题
小小工匠
目录
相关文章
杰哥在此
|
5月前
|
缓存 算法 Java
Java面试题:深入探究Java内存模型与垃圾回收机制,Java中的引用类型在内存管理和垃圾回收中的作用,Java中的finalize方法及其在垃圾回收中的作用,哪种策略能够提高垃圾回收的效率
Java面试题:深入探究Java内存模型与垃圾回收机制,Java中的引用类型在内存管理和垃圾回收中的作用,Java中的finalize方法及其在垃圾回收中的作用,哪种策略能够提高垃圾回收的效率
杰哥在此
44 1
喜欢猪猪
|
1月前
|
存储 分布式计算 Java
存算分离与计算向数据移动:深度解析与Java实现
【11月更文挑战第10天】随着大数据时代的到来,数据量的激增给传统的数据处理架构带来了巨大的挑战。传统的“存算一体”架构,即计算资源与存储资源紧密耦合,在处理海量数据时逐渐显露出其局限性。为了应对这些挑战,存算分离(Disaggregated Storage and Compute Architecture)和计算向数据移动(Compute Moves to Data)两种架构应运而生,成为大数据处理领域的热门技术。
喜欢猪猪
60 2
java冯坚持
|
2月前
|
JavaScript 前端开发 Java
解决跨域问题大集合:vue-cli项目 和 java/springboot(6种方式) 两端解决(完美解决)
这篇文章详细介绍了如何在前端Vue项目和后端Spring Boot项目中通过多种方式解决跨域问题。
java冯坚持
395 1
解决跨域问题大集合:vue-cli项目 和 java/springboot(6种方式) 两端解决(完美解决)
杰哥在此
|
5月前
|
存储 算法 Java
Java面试题:深入探究Java内存模型与垃圾回收机制,解释JVM中堆内存和栈内存的主要区别,谈谈对Java垃圾回收机制的理解,Java中的内存泄漏及其产生原因,如何检测和解决内存泄漏问题
Java面试题:深入探究Java内存模型与垃圾回收机制,解释JVM中堆内存和栈内存的主要区别,谈谈对Java垃圾回收机制的理解,Java中的内存泄漏及其产生原因,如何检测和解决内存泄漏问题
杰哥在此
71 0
招风的黑耳
|
4月前
|
安全 前端开发 Java
Web端系统开发解决跨域问题——以Java SpringBoot框架配置Cors为例
在Web安全上下文中,源(Origin)是指一个URL的协议、域名和端口号的组合。这三个部分共同定义了资源的来源,浏览器会根据这些信息来判断两个资源是否属于同一源。例如,https://www.example.com:443和http://www.example.com虽然域名相同,但由于协议和端口号不同,它们被视为不同的源。同源(Same-Origin)是指两个URL的协议、域名和端口号完全相同。只有当这些条件都满足时,浏览器才认为这两个资源来自同一源,从而允许它们之间的交互操作。
招风的黑耳
62 0
Web端系统开发解决跨域问题——以Java SpringBoot框架配置Cors为例
bug菌
|
6月前
|
存储 Java 测试技术
滚雪球学Java(56):探究Java中Collection接口,理解集合框架的实现原理
【6月更文挑战第10天】🏆本文收录于「滚雪球学Java」专栏,专业攻坚指数级提升,希望能够助你一臂之力,帮你早日登顶实现财富自由🚀;同时,欢迎大家关注&&收藏&&订阅!持续更新中,up!up!up!!
bug菌
64 2
滚雪球学Java(56):探究Java中Collection接口,理解集合框架的实现原理
weixin_836869520
|
5月前
|
缓存 前端开发 Java
在Java项目中实现跨域资源共享(CORS)
在Java项目中实现跨域资源共享(CORS)
weixin_836869520
84 1
bug菌
|
7月前
|
Java 编译器
滚雪球学Java(34):探究Java方法的神奇魔法和参数传递奥秘
【5月更文挑战第9天】🏆本文收录于「滚雪球学Java」专栏,专业攻坚指数级提升,希望能够助你一臂之力,帮你早日登顶实现财富自由🚀;同时,欢迎大家关注&&收藏&&订阅!持续更新中,up!up!up!!
bug菌
38 1
滚雪球学Java(34):探究Java方法的神奇魔法和参数传递奥秘
绿水长流*z
|
6月前
|
Java API
详细探究Java多线程的线程状态变化
Java多线程的线程状态主要有六种:新建(NEW)、可运行(RUNNABLE)、阻塞(BLOCKED)、等待(WAITING)、超时等待(TIMED_WAITING)和终止(TERMINATED)。线程创建后处于NEW状态,调用start()后进入RUNNABLE状态,表示准备好运行。当线程获得CPU资源,开始执行run()方法时,它处于运行状态。线程可以因等待锁或调用sleep()等方法进入BLOCKED或等待状态。线程完成任务或发生异常后,会进入TERMINATED状态。
绿水长流*z
21251 5
北京-宏哥
|
6月前
|
Java 测试技术 Web App开发
《手把手教你》系列技巧篇(六十二)-java+ selenium自动化测试-RemoteWebDriver让你的代码与测试分离(远程测试)
【6月更文挑战第3天】本文介绍了在没有本地浏览器的情况下,如何使用RemoteWebDriver进行远程自动化测试。RemoteWebDriver分为客户端和服务端,客户端运行测试代码,服务端启动服务。服务端需要安装JDK、浏览器和对应的WebDriver,并启动selenium-server-standalone.jar。客户端通过URL连接到服务端,并指定预期的浏览器类型。这样,客户端的测试代码就能远程控制服务端的浏览器执行自动化测试。RemoteWebDriver的优点包括跨平台和浏览器测试、提高测试稳定性以及使测试环境和执行代码的机器分离。
北京-宏哥
571 3

热门文章

最新文章

  • 1
    从零搭建Web所需服务(四)Java连接ES进行分词并获取结果
  • 2
    迅速了解多例模式竞争者-枚举 | 带你学《Java面向对象编程》之七十四
  • 3
    java源码 - ReentrantLock
  • 4
    关于JAVA中子类和父类的构造方法
  • 5
    Java Poi 创建与读取Excel
  • 6
    Java并发系列(6)java关键字-final
  • 7
    【java】值传递和引用传递---对象作为方法的参数传入属于哪种传递
  • 8
    Java.nio vs Java.io
  • 9
    Java程序内存分析:使用mat工具分析内存占用
  • 10
    java debug 渗透测试
  • 1
    【Java开发指南 | 第三十一篇】Java 包(package)
    71
  • 2
    【Java开发指南 | 第二十九篇】Java接口
    46
  • 3
    【Java开发指南 | 第二十八篇】Java封装
    53
  • 4
    【Java开发指南 | 第二十六篇】Java多态
    40
  • 5
    【Java开发指南 | 第二十四篇】Java继承
    59
  • 6
    【Java开发指南 | 第九篇】访问实例变量和方法、继承、接口
    53
  • 7
    【Java开发指南 | 第八篇】Java变量、构造方法、创建对象
    93
  • 8
    Java Stream API详解与使用
    94
  • 9
    Java医院绩效考核系统源码B/S+avue+MySQL助力医院实现精细化管理
    81
  • 10
    《手把手教你》系列技巧篇(四十三)-java+ selenium自动化测试-处理https 安全问题或者非信任站点-上篇(详解教程)
    132

    • 相关课程

    更多
  • Java面试疑难点解析 - 面试技巧及语言基础
  • Java面试疑难点解析 - Java Web开发
  • Java面试疑难点解析 - 系统架构及项目设计
  • Java编程入门
  • Java面向对象编程
  • Java高级编程

    • 相关电子书

    更多
  • Spring Cloud Alibaba - 重新定义 Java Cloud-Native
  • The Reactive Cloud Native Arch
  • JAVA开发手册1.5.0

    • 相关实验场景

    更多
  • 阿里云平台上进行Java程序的编译与运行
  • 使用Java面向对象编写网络通信程序应用
  • Python网络通信程序典型应用
  • 手动部署Java Web环境(Alibaba Cloud Linux 2)
  • 搭建Java Web开发环境(Anolis OS)
  • RocketMQ中使用Java客户端发送消息和消费的应用
    • 下一篇
    DataWorks