nginx配置解决跨域问题
程序员文章站
2023-12-28 10:42:58
...
之前写实验室官网连调阶段出现了跨域问题,一开始我是写了一个拦截器来解决问题,但是在个别接口仍然会出现问题,然后使用@CrossOrigin来解决,但是@CrossOigin注解默认是不支持put和delete方法的,我在网上查询了cors的细粒度配置,尝试了能查到的所有方法失败,最后还是采用了filter加nginx配置的方式来解决问题
出现跨域问题时,一般是 PUT,DELETED 两种请求,当浏览器请求时,会发送两个请求到 nginx。
其中一个请求类型为 options,一个请求为 PUT 或者 DELETED。
nginx 需要对 options 请求进行拦截,返回 200,并添加响应的头。
1.AllowOriginFilter代码
public class AllowOriginFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletResponse response = (HttpServletResponse) servletResponse;
HttpServletRequest request = (HttpServletRequest) servletRequest;
String origin = request.getHeader("Origin");
if (StringUtils.isNotBlank(origin)) {
//设置响应头,允许跨域访问
//带cookie请求时,必须为全匹配,不能使用*
/**
* 表示允许 origin 发起跨域请求。
*/
response.addHeader("Access-Control-Allow-Origin", origin);
}
/**
* GET,POST,OPTIONS,PUT,DELETE 表示允许跨域请求的方法
*/
response.addHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH");
/**
* 表示在86400秒内不需要再发送预校验请求
*/
response.addHeader("Access-Control-Max-Age", "86400");
//支持所有自定义头
String headers = request.getHeader("Access-Control-Request-Headers");
if (StringUtils.isNotBlank(headers)) {
//允许JSON请求,并进行预检命令缓存
response.addHeader("Access-Control-Allow-Headers", headers);
}
response.addHeader("Access-Control-Max-Age", "3600");
//允许cookie
response.addHeader("Access-Control-Allow-Credentials", "true");
/**
* 设置content-type
*/
// response.addHeader("Content-Type", "application/x-www-form-urlencoded;charset=UTF-8");
filterChain.doFilter(servletRequest, response);
}
@Override
public void destroy() {
}
}
2.注入
@Configuration
@EnableWebMvc
@ComponentScan("这里填自己的项目")
public class WebConfiguration extends WebMvcConfigurerAdapter {
/**
* 解决DELETE、PUT参数获取不到
*
* @return
*/
@Bean
public FormContentFilter formContentFilter() {
return new FormContentFilter();
}
/**
* 注入RestTemplate
*
* @return
*/
@Bean
public RestTemplate getRestTemplate() {
return new RestTemplate();
}
/**
* 跨域Fileter注入
*
* @return 跨域注册Bean对象
*/
@Bean
public FilterRegistrationBean registerFilter() {
FilterRegistrationBean bean = new FilterRegistrationBean();
bean.addUrlPatterns("/*");
bean.setFilter(new AllowOriginFilter());
return bean;
}
}
3.nginx配置
http {
server{
listen 80;
#
server_name 你的域名;
#
location / {
#try_files $uri $uri/ =404;
proxy_pass http://localhost:8080;
# proxy_cookie_path /api/ /;
proxy_cookie_path /weily /;
proxy_set_header Host $host:80;
proxy_set_header Referer $http_referer;
proxy_set_header Cookie $http_cookie;
proxy_set_header X-Real-Ip $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Content-Type $content_type;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
if ($request_method = 'OPTIONS') {
add_header Access-Control-Allow-Origin $http_origin;
add_header Access-Control-Allow-Credentials true;
add_header Access-Control-Allow-Headers content-type;
add_header Access-Control-Allow-Methods GET,POST,PUT,DELETE,PATCH,OPTIONS;
return 200;
}
client_max_body_size 1024m;
}
}
}
推荐阅读