第一步:在gateway网关的配置文件中加上下面这些:
ly:
cors:
allowedOrigins:
- http://manage.leyou.com
- http://xxx.xxx.com
# 允许哪些网址就继续加,不要写 *,否则cookie就无法使用了
allowedCredentials: true # 代表携带cookie
allowedHeaders:
- "*"
allowedMethods:
- GET
- POST
- DELETE
- PUT
- OPTIONS
- HEAD
maxAge: 360000
filterPath: "/**"
第二步:写一个配置类解析上面的配置文件信息
@Data
@ConfigurationProperties(prefix = "ly.cors")
public class CORSProperties {
private List<String> allowedOrigins;
private Boolean allowedCredentials;
private List<String> allowedMethods;
private List<String> allowedHeaders;
private Long maxAge;
private String filterPath;
}
第三步:写一个跨域的过滤器
@Configuration @EnableConfigurationProperties(CORSProperties.class)
public class GlobalCORSConfig {
@Autowired
private CORSProperties prop;
/**
* @Bean注解,将当前方法的返回值对象放入到IOC容器中
* @return
*/
@Bean
public CorsFilter corsFilter() {
//1.添加CORS配置信息
CorsConfiguration config = new CorsConfiguration();
prop.getAllowedOrigins().forEach(config::addAllowedOrigin);
//上面的写法和下面这个效果一样
// for (String allowedOrigin : prop.getAllowedOrigins()) {
// config.addAllowedOrigin(allowedOrigin);
// }
//2) 是否发送Cookie信息
config.setAllowCredentials(prop.getAllowedCredentials());
//3) 允许的请求方式
prop.getAllowedMethods().forEach(config::addAllowedMethod);
// 4)允许的头信息
prop.getAllowedHeaders().forEach(config::addAllowedHeader);
// 5)有效期
config.setMaxAge(prop.getMaxAge());
//2.添加映射路径,我们拦截一切请求
UrlBasedCorsConfigurationSource configSource = new UrlBasedCorsConfigurationSource();
configSource.registerCorsConfiguration(prop.getFilterPath(), config);
//3.返回新的CORSFilter.
return new CorsFilter(configSource);
}
}