【发布时间】:2018-11-27 10:21:08
【问题描述】:
即使在设置了所需的标头(例如 Access-Control-Allow-Origin 到 http://localhost:4200、Access-Control-Allow-Credentials 到 true 等等之后,我也遇到了 CORS 问题。
Response from previous request:
HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Special-Response-Header, Header2
Access-Control-Allow-Origin: http://localhost:4200
Access-Control-Expose-Headers: Special-Response-Header, Header2
Access-Control-Max-Age: 3600
Access-Control-Request-Headers: Special-Response-Header, Header2
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 0 Date: Mon, 18 Jun 2018 13:03:46 GMT
Expires: 0
Location: <<Replace with Org Authentication URL>>
Origin: http://localhost:4200
Pragma: no-cache
Set-Cookie: dtCookie=8$C38554BBC14802D7BCFE9A5E047AA962;domain=rbc.com;path=/ Set-Cookie: JSESSIONID=26A7EB71BD36D31EFE6A701320DFA0C3;path=/;Secure;HttpOnly Set-Cookie: __VCAP_ID__=0a838736-ad8b-40b9-4aa5-e972; Path=/; HttpOnly; Secure Strict-Transport-Security: max-age=31536000 ; includeSubDomains X-Content-Type-Options: nosniff X-Frame-Options: DENY X-Vcap-Request-Id: 61cc9d4e-29ba-4b11-7f0b-82ec01cbc0a6 X-Xss-Protection: 1; mode=block
当前请求:
GET <<Replace with Org Authentication Get method params>>
HTTP/1.1
Host: mrkdlvaiaas493.devfg.rbc.com:9443
Connection: keep-alive
Accept: application/json, text/plain, */*
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.119 Safari/537.36 Referer: http://localhost:4200/startBatch/2018-04-27 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
错误:
Failed to <<Replace with Org Authentication URL>>: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access.
【问题讨论】:
-
什么版本的弹簧靴。您使用哪种方法在 Spring 应用程序中启用 CORS?跨原点注释?
-
@LucasHolt:谢谢您的回复。我正在使用 Spring Boot 1.5.2。我尝试使用 CORS 注释我的本地端点,使用 WebMvcConfigurer 设置配置(以更新 CorsRegistry)并添加自定义过滤器类(以更新响应)。
标签: spring spring-boot spring-security cors