(原因:不允许有多个 ‘Access-Control-Allow-Origin‘ CORS 头)

简介: (原因:不允许有多个 ‘Access-Control-Allow-Origin‘ CORS 头)

前后端分离就会碰到跨域问题,原本我们在后端采用 CORS 解决,现在利用网关,可以放在网关解决。

版本:
spring-cloud:Hoxton.SR3

一共两个文件

CorsConfiguration.java

/**
 * 配置跨域
 */
@Configuration
public class CorsConfiguration {

    @Bean
    public CorsResponseHeaderFilter corsResponseHeaderFilter() {
        return new CorsResponseHeaderFilter();
    }

    @Bean
    public CorsWebFilter corsWebFilter() {
        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        CorsConfiguration corsConfiguration = new CorsConfiguration();

        corsConfiguration.addAllowedHeader("*");
        corsConfiguration.addAllowedMethod("*");
        corsConfiguration.addAllowedOrigin("*");
        corsConfiguration.setAllowCredentials(true);
        corsConfiguration.setMaxAge(600L);

        source.registerCorsConfiguration("/**", corsConfiguration);
        return new CorsWebFilter(source);
    }
}

CorsResponseHeaderFilter.java

/**
 * 跨域请求头重复处理过滤器
 */
public class CorsResponseHeaderFilter implements GlobalFilter, Ordered {
    @Override
    public int getOrder() {
        // 指定此过滤器位于NettyWriteResponseFilter之后
        // 即待处理完响应体后接着处理响应头
        return NettyWriteResponseFilter.WRITE_RESPONSE_FILTER_ORDER + 1;
    }

    @Override
    @SuppressWarnings("serial")
    public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
        return chain.filter(exchange).then(Mono.defer(() -> {
            exchange.getResponse().getHeaders().entrySet().stream()
                    .filter(kv -> (kv.getValue() != null && kv.getValue().size() > 1))
                    .filter(kv -> (kv.getKey().equals(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN)
                            || kv.getKey().equals(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS)))
                    .forEach(kv ->
                    {
                        kv.setValue(new ArrayList<String>() {{
                            add(kv.getValue().get(0));
                        }});
                    });

            return chain.filter(exchange);
        }));
    }
}
目录
相关文章
|
7月前
|
缓存
HTTP 请求头Cache-Control 详解
HTTP 请求头Cache-Control 详解
434 0
|
JSON 前端开发 API
【跨域报错解决方案】Access to XMLHttpRequest at ‘http://xxx.com/xxx‘ from origin ‘null‘ has been blocked by
【跨域报错解决方案】Access to XMLHttpRequest at ‘http://xxx.com/xxx‘ from origin ‘null‘ has been blocked by
3575 0
|
3月前
|
前端开发 Java
前后端分离的跨域问题解决:No ‘Access-Control-Allow-Origin‘ header is present on the requested resource.
本文介绍了解决前后端分离项目中跨域问题的方法,包括添加`CorsConfig`配置类和重写`WebMvcConfigurer`接口的`addCorsMappings`方法,允许前端请求访问后端资源,并提供了具体的代码示例。
前后端分离的跨域问题解决:No ‘Access-Control-Allow-Origin‘ header is present on the requested resource.
|
API
【已解决】No ‘Access-Control-Allow-Origin‘ header is present on the requested resource
No ‘Access-Control-Allow-Origin‘ header is present on the requested resource
416 0
【已解决】No ‘Access-Control-Allow-Origin‘ header is present on the requested resource
|
JavaScript Java 应用服务中间件
Vue 跨域问题 的几种解决办法 (No ‘Access-Control-Allow-Origin‘ header is present on the requested resource)
Vue 跨域问题 的几种解决办法 (No ‘Access-Control-Allow-Origin‘ header is present on the requested resource)
2069 0
Vue 跨域问题 的几种解决办法 (No ‘Access-Control-Allow-Origin‘ header is present on the requested resource)
|
缓存 安全 搜索推荐
Cors跨域(三):Access-Control-Allow-Origin多域名?
Cors跨域(三):Access-Control-Allow-Origin多域名?
Cors跨域(三):Access-Control-Allow-Origin多域名?
|
API
百度API调用JSONP解决跨越问题 been blocked by CORS policy: No ‘Access-Control-Allow-Origin‘ header
百度API调用JSONP解决跨越问题 been blocked by CORS policy: No ‘Access-Control-Allow-Origin‘ header
248 0
|
前端开发 JavaScript
ajax请求的重定向处理--Request header field x-requested-with is not allowed by Access-Control-Allow-Header
ajax请求的重定向处理--Request header field x-requested-with is not allowed by Access-Control-Allow-Header
514 0
|
Web App开发 存储 安全
新版本Chrome同源策略、跨域问题处理No ‘Access-Control-Allow-Origin‘ header is present on the requested resource.
新版本Chrome同源策略、跨域问题处理No ‘Access-Control-Allow-Origin‘ header is present on the requested resource.
836 0
|
前端开发 数据可视化 Java
报错:跨域问题解决 No ‘Access-Control-Allow-Origin‘ header is present on the requested resource.
报错:跨域问题解决 No ‘Access-Control-Allow-Origin‘ header is present on the requested resource.
1322 0