jok*_*r21 5 java rest spring spring-boot
我是后端开发人员,我提供了具有JWT安全性的Spring Boot Rest API,供前端开发人员使用,该前端开发人员从本地主机调用api。因此,当他调用POST请求时,他说他收到了CORS错误。那个部分
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws ServletException, IOException {
response.setHeader("Access-Control-Allow-Origin", request.getHeader("Origin"));
response.setHeader("Access-Control-Allow-Credentials", "true");
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "Content-Type, Accept, X-Requested-With, remember-me");
chain.doFilter(request, response);
}
但是他仍然得到了错误,可能是什么原因。
OPTIONS https:my.domain/url 401 (Unauthorized)
当它是POST请求时。
控制器代码:
@RestController
public class RegistrationController {
@Autowired
@Qualifier("restTemplateUserRegitration")
private RestTemplate restTemplateUserRegitration;
@RequestMapping(value="${user.endpoint}",produces={MediaType.APPLICATION_JSON_VALUE},method=RequestMethod.POST)
public ResponseEntity<?> registerUser(@RequestBody Model ModelRequest){
Map<String, Object> Status=new HashMap<String, Object>();
FeedBackStatus = restTemplateUserRegitration.postForObject("http:serviceurl",registration/single",Model.class,Map.class );
return ResponseEntity.ok(Status);
}
}
首先尝试这个,这应该允许所有来源,但这是安全风险。
response.setHeader("Access-Control-Allow-Origin", "*");
| 归档时间: |
|
| 查看次数: |
452 次 |
| 最近记录: |