基础框架中默认提供ApiCorsFilter跨域处理Filter,默认情况下关闭.

默认实现

  1. public class ApiCorsFilter implements Filter {
  2.     @Override
  3.     public void init(FilterConfig filterConfig) throws ServletException {
  5.     }
  7.     @Override
  8.     public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
  10.         HttpServletResponse res = (HttpServletResponse) servletResponse;
  11.         res.addHeader("Access-Control-Allow-Credentials", "true");
  12.         res.addHeader("Access-Control-Allow-Origin", "*");
  13.         res.addHeader("Access-Control-Allow-Methods", "POST,GET,PUT,OPTIONS,DELETE");
  14.         res.addHeader("Access-Control-Allow-Headers", "*");
  15.         res.setHeader("Content-Type", "application/json;charset=UTF-8");
  16.         if ("OPTIONS".equals(((HttpServletRequest) servletRequest).getMethod())) {
  17.             servletResponse.getWriter().println("ok");
  18.             return;
  19.         }
  20.         filterChain.doFilter(servletRequest, servletResponse);
  22.     }
  24.     @Override
  25.     public void destroy() {
  27.     }
  28. }

开关配置

  1. xy.core.api.cors.enable=true

注意事项

当web前端直接调用后方服务时,可能会产生跨域,此时开启跨域功能即可。

对于从网关转发而来的请求,默认网关做了跨域处理,因此当前应用中无需再此开启跨域功能。