前端访问后端出现CORS 但是我已经配置了 麻烦老哥们帮我看看

求助问答
2

这CORS跨域,蛮简单的东西。你们为啥老是翻车?我给你一个Filter。你copy到项目里面。使用Filter处理,不要用@CrossOrigin 注解。

import java.io.IOException;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.core.annotation.Order;
import org.springframework.http.HttpHeaders;
import org.springframework.lang.Nullable;
import org.springframework.stereotype.Component;
import org.springframework.util.ObjectUtils;
import org.springframework.web.util.UriComponents;
import org.springframework.web.util.UriComponentsBuilder;

@Component
@Order(-999)
@WebFilter(filterName = "corsFilter" , urlPatterns = { "/*" })
public class CorsFilter extends HttpFilter {

	/**
	 * 
	 */
	private static final long serialVersionUID = -8387103310559517243L;

	@Override
	protected void doFilter(HttpServletRequest req, HttpServletResponse res, FilterChain chain) throws IOException, ServletException {

		String origin = req.getHeader(HttpHeaders.ORIGIN);
		
		
		if (!isSameOrigin(req)) {
			/**
			 * TODO 通过后台读取,配置
			 */
			res.addHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, origin);;
			res.addHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, "Origin, x-requested-with, Content-Type, Accept, Authorization");
			res.addHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
			res.addHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, "GET, POST, PUT, OPTIONS, DELETE");
			
			res.addHeader(HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS, "Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma");
			res.addHeader(HttpHeaders.ACCESS_CONTROL_MAX_AGE, "60");
		}

		super.doFilter(req, res, chain);
	}
	
	private static boolean isSameOrigin(HttpServletRequest req) {
		
		String origin = req.getHeader(HttpHeaders.ORIGIN);
		
		if (origin == null) {
			return true;
		}
		
		String scheme = req.getScheme();
		String host = req.getServerName();
		int port = req.getServerPort();
		
		UriComponents originUrl = UriComponentsBuilder.fromOriginHeader(origin).build();
		
		return (ObjectUtils.nullSafeEquals(scheme, originUrl.getScheme()) &&
				ObjectUtils.nullSafeEquals(host, originUrl.getHost()) &&
				getPort(scheme, port) == getPort(originUrl.getScheme(), originUrl.getPort()));
	}
	
	private static int getPort(@Nullable String scheme, int port) {
		if (port == -1) {
			if ("http".equals(scheme) || "ws".equals(scheme)) {
				port = 80;
			}
			else if ("https".equals(scheme) || "wss".equals(scheme)) {
				port = 443;
			}
		}
		return port;
	}
}

最后,建议你好好看看这个帖子: