@Bean
public WebFilter corsFilter() {
return (ServerWebExchange ctx, WebFilterChain chain) -> {
//获取web服务请求
ServerHttpRequest request = ctx.getRequest();
//判断是否跨域请求
if (CorsUtils.isCorsRequest(request)) {
//获取请求消息头
HttpHeaders requestHeaders = request.getHeaders();
//获取响应结果
ServerHttpResponse response = ctx.getResponse();
//获取请求头方法的权限
HttpMethod requestMethod = requestHeaders.getAccessControlRequestMethod();
//获取响应结果的头部信息
HttpHeaders headers = response.getHeaders();
//增加响应结果的头部信息设置源头
headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, requestHeaders.getOrigin());
//增加响应头部信息的权限
headers.addAll(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, requestHeaders
.getAccessControlRequestHeaders());
//判断获取到的请求权限是否为null
if(requestMethod != null){
//增加头部信息的请求方法名称
headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, requestMethod.name());
}
//增加头部信息的控制权限为true
headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
//增加头部信息的暴露值
headers.add(HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS, "*");
//增加头部信息的最大时期
headers.add(HttpHeaders.ACCESS_CONTROL_MAX_AGE, MAX_AGE);
//web请求的方法是否为options
if (request.getMethod() == HttpMethod.OPTIONS) {
//响应的状态为OK
response.setStatusCode(HttpStatus.OK);
return Mono.empty();
}
}
return chain.filter(ctx);
};
}
浙公网安备 33010602011771号