On hitting Rest service getting Error - Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header
我试图通过Angular $ http服务点击其余服务,我收到的错误就像
1 2 3 4 5 | XMLHttpRequest cannot load http://localhost:3000/SpringSecurity/utn/accounts/all. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access |
请求角度:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 | $http({ method: 'GET', url: 'http://localhost:3000/SpringSecurity/utn/accounts/all', headers: { 'Content-type': 'application/json', 'Accept' : 'application/json', "Access-Control-Allow-Origin" :"*", "Access-Control-Allow-Methods" :"GET", "Access-Control-Allow-Headers":"Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With" } }).then(function successCallback(response) { console.log("Success"); console.log(response); }, function errorCallback(response) { console.log("Error"); console.log(response); }); |
HTML:
1 | <script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js"> |
弹簧控制器:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 | @RequestMapping(value ="/utn/accounts/all", method = RequestMethod.GET) public ModelAndView utnAccountsAll(HttpServletRequest request,HttpServletResponse response) { System.out.println("Inside UTN Accounts method"); ModelAndView model = new ModelAndView(); response.setHeader("Access-Control-Allow-Origin","*"); response.setHeader("Access-Control-Allow-Methods","GET"); response.setHeader("Access-Control-Max-Age","3600"); response.setHeader("Access-Control-Allow-Headers","Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With"); model.addObject("message","Successss"); model.setViewName("success"); return model; } |
您需要在服务器端启用CORS过滤器。 添加以下代码并使用
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 | @Configuration public class CorsFilter implements Filter { @Override public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException { final HttpServletResponse response = (HttpServletResponse) res; response.setHeader("Access-Control-Allow-Origin","*"); response.setHeader("Access-Control-Allow-Methods","POST, PUT, GET, OPTIONS, DELETE"); response.setHeader("Access-Control-Allow-Headers","Authorization, Content-Type"); response.setHeader("Access-Control-Max-Age","3600"); chain.doFilter(req, res); } @Override public void destroy() { } @Override public void init(FilterConfig config) throws ServletException { } |