spring boot下跨域安全配置 

 1     @Bean
 2     public FilterRegistrationBean corsFilter() {
 3         final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
 4         final CorsConfiguration config = new CorsConfiguration();
 5         config.setAllowCredentials(true);
 6         // 本地静态文件访问
 7         config.addAllowedOrigin("null");
 8         config.addAllowedOrigin("https://consol.cn");
 9         config.addAllowedOrigin("https://api-.cn");
10         config.addAllowedHeader(SymbolConsts.SYMBOL_1);
11         config.addAllowedMethod("GET");
12         config.addAllowedMethod("POST");
13         config.addAllowedMethod("OPTIONS");
14         config.addAllowedMethod("DELETE");
15 
16         config.setMaxAge(18000L);
17         source.registerCorsConfiguration("/**", config);
18         CorsFilter corsFilter = new CorsFilter(source);
19         
20         // 处理SpringSecurity Filter在之前的问题
21         FilterRegistrationBean<CorsFilter> filterRegistrationBean=new FilterRegistrationBean<>(corsFilter);
22         // 小于 SpringSecurity Filter的 Order(-100) 即可
23         filterRegistrationBean.setOrder(-101);  
24 
25         return filterRegistrationBean;
26 //        return new CorsFilter(source);
27 
28     }

 

 
posted @ 2024-08-09 11:13  hyiam  阅读(16)  评论(0)    收藏  举报