对于预检,响应具有无效的HTTP状态代码401,用于oauth / token
我在spring boot中为CORS实现了Filter。代码如下: –
@SpringBootApplication @Component public class Application implements Filter { public static void main(String[] args) { SpringApplication.run(Application.class, args); } @Override public void init(FilterConfig filterConfig) throws ServletException { } @Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) servletRequest; HttpServletResponse response = (HttpServletResponse) servletResponse; response.setHeader("Access-Control-Allow-Origin", "*"); response.setHeader("Access-Control-Allow-Credentials", "true"); response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE"); response.setHeader("Access-Control-Max-Age", "3600"); response.setHeader("Access-Control-Allow-Headers", "Content-Type, Accept, X-Requested-With, remember-me"); filterChain.doFilter(servletRequest, servletResponse); } @Override public void destroy() { } } 为了从oauth2获取access_token,我从angularjs创建了以下对象: –
{"url":"http://localhost:8080/oauth/token?grant_type=client_credentials&client_id=clientId&client_secret=clientSecret","headers":{"Authorization":"Basic token_value"},"withCredentials":true,"method":"POST"}
当我点击服务器时出现以下错误: –
OPTIONS url... 401() Response for preflight has invalid HTTP status code 401
我已经找到了堆栈溢出中类似问题的解决方案,但没有一个解决我的问题。有人可以帮忙吗?
请阅读有关预检请求的更多信息。
如果服务器支持跨源请求,他们只是建议浏览器。 对此类OPTIONS请求的响应应该是好的(即<400)。
我认为语句filterChain.doFilter(servletRequest, servletResponse); 正在进一步传递请求,而不是返回响应。
您可以在此处阅读有关使用Spring in Java 启用CORS的更多信息。使用Spring Framework启用CORS for OPTIONS请求
下面的代码解决了我的问题
@Bean public FilterRegistrationBean corsFilter() { UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); CorsConfiguration config = new CorsConfiguration(); config.setAllowCredentials(true); config.addAllowedOrigin("*"); config.addAllowedHeader("*"); config.addAllowedMethod("*"); source.registerCorsConfiguration("/**", config); FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source)); bean.setOrder(Ordered.HIGHEST_PRECEDENCE); return bean; }
代码示例来自https://github.com/spring-projects/spring-security-oauth/issues/938