出现原因,首先会发送一个OPTIONS请求给后台 ,这里不知道的可以百度
我这里用了@CrossOrigin不知道,为什么还是报跨域
后来看前端错误信息
Access to XMLHttpRequest at ‘http://localhost:8080/user/login’ from origin ‘http://localhost:9999’ has been blocked by CORS policy: Request header field content-type is not allowed by Access-Control-Allow-Headers in preflight response.
Access-Control-Allow 不允许请求标头字段内容类型- 预检响应中的标题。
解决方法
response.setHeader(“Access-Control-Allow-Headers”, “Content-Type,XFILENAME,XFILECATEGORY,XFILESIZE”);
package com.hdbc.config;
import javax.servlet.*;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
public class CORSFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletResponse response = (HttpServletResponse) servletResponse;
response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "Content-Type,XFILENAME,XFILECATEGORY,XFILESIZE");
filterChain.doFilter(servletRequest, servletResponse);
}
@Override
public void destroy() {
}
}
web.xml配置
crossorigin com.hdbc.config.CORSFilter crossorigin /*
第二种方法
@CrossOrigin(allowedHeaders={"*"})
