在Spring 5 Webflux中启用CORS?
如何在Spring 5 Webflux项目中启用CORS ?
我找不到任何适当的文件。
我使用此自定义filter取得了成功:
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.http.HttpHeaders; import org.springframework.http.HttpMethod; import org.springframework.http.HttpStatus; import org.springframework.http.server.reactive.ServerHttpRequest; import org.springframework.http.server.reactive.ServerHttpResponse; import org.springframework.web.cors.reactive.CorsUtils; import org.springframework.web.server.ServerWebExchange; import org.springframework.web.server.WebFilter; import org.springframework.web.server.WebFilterChain; import reactor.core.publisher.Mono; @Configuration public class CorsConfiguration { private static final String ALLOWED_HEADERS = "x-requested-with, authorization, Content-Type, Authorization, credential, X-XSRF-TOKEN"; private static final String ALLOWED_METHODS = "GET, PUT, POST, DELETE, OPTIONS"; private static final String ALLOWED_ORIGIN = "*"; private static final String MAX_AGE = "3600"; @Bean public WebFilter corsFilter() { return (ServerWebExchange ctx, WebFilterChain chain) -> { ServerHttpRequest request = ctx.getRequest(); if (CorsUtils.isCorsRequest(request)) { ServerHttpResponse response = ctx.getResponse(); HttpHeaders headers = response.getHeaders(); headers.add("Access-Control-Allow-Origin", ALLOWED_ORIGIN); headers.add("Access-Control-Allow-Methods", ALLOWED_METHODS); headers.add("Access-Control-Max-Age", MAX_AGE); headers.add("Access-Control-Allow-Headers",ALLOWED_HEADERS); if (request.getMethod() == HttpMethod.OPTIONS) { response.setStatusCode(HttpStatus.OK); return Mono.empty(); } } return chain.filter(ctx); }; } }
和org.springframework.boot:spring-boot-starter-web
不应该包含在依赖项中 – filter不能用于它。
@Configuration public class WebFluxConfig { @Bean public WebFluxConfigurer corsConfigurer() { return new WebFluxConfigurerComposite() { @Override public void addCorsMappings(CorsRegistry registry) { registry.addMapping("/**").allowedOrigins("*") .allowedMethods("*"); } }; } }
对应于:
@Bean public WebMvcConfigurer corsConfigurer() { return new WebMvcConfigurerAdapter() { @Override public void addCorsMappings(CorsRegistry registry) {
对于spring的mvc。
这是Webflux配置器的另一个解决方案。
附注:它的Kotlin代码(从我的项目中复制),但您可以轻松地将其转换为Java代码。
@Configuration @EnableWebFlux class WebConfig: WebFluxConfigurer { override fun addCorsMappings(registry: CorsRegistry) { registry.addMapping("/**") .allowedOrigins("*") // any host or put domain(s) here .allowedMethods("GET, POST") // put the http verbs you want allow .allowedHeaders("Authorization") // put the http headers you want allow } }
感谢@Dachstein,用Webflux替换WebMvc配置是在这里添加全局CORS配置的正确方法。
@Configuration @EnableWebFlux public class CORSConfig implements WebFluxConfigurer { @Override public void addCorsMappings(CorsRegistry registry) { registry.addMapping("/**") .allowedMethods("*"); } }
- 使用Spring Framework为OPTIONS请求启用CORS
- 使用Java Config的全局CORS配置不起作用
- Tomcat CORSfilter
- 请求的资源上不存在Access-Control-Allow-Origin标头
- 预检的响应具有无效的HTTP状态代码401 – Spring
- 在Play Framework 2.4.x中解决CORS问题
- 使用application / json contentType的AJAX POST调用获取“no’Access-Control-Allow-Origin’标头”错误
- 如何将Cross Origin资源共享与Spring MVC 4.0.0 RESTful Webservice集成
- Spring Global CORS配置不起作用,但控制器级配置不起作用