关于angularjs:点击休息服务获取错误 – 对预检请求的响应未通过访问控制检查:否’Access-Control-Allow-Origin’标题


On hitting Rest service getting Error - Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header

我试图通过Angular $ http服务点击其余服务,我收到的错误就像

1
2
3
4
5
XMLHttpRequest cannot load
http://localhost:3000/SpringSecurity/utn/accounts/all. Response to
preflight request doesn't pass access control check: No
'Access-Control-Allow-Origin' header is present on the requested
resource. Origin 'null' is therefore not allowed access

请求角度:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
$http({
              method: 'GET',
              url: 'http://localhost:3000/SpringSecurity/utn/accounts/all',
              headers: {
                   'Content-type': 'application/json',
                   'Accept' : 'application/json',
                  "Access-Control-Allow-Origin" :"*",
                   "Access-Control-Allow-Methods" :"GET",
                   "Access-Control-Allow-Headers":"Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With"


                 }

            }).then(function successCallback(response) {

                console.log("Success");
                console.log(response);

              }, function errorCallback(response) {

                console.log("Error");
                console.log(response);

              });

HTML:

1
<script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js">

弹簧控制器:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
@RequestMapping(value ="/utn/accounts/all", method = RequestMethod.GET)
public ModelAndView utnAccountsAll(HttpServletRequest request,HttpServletResponse response) {

    System.out.println("Inside UTN Accounts method");
    ModelAndView model = new ModelAndView();
    response.setHeader("Access-Control-Allow-Origin","*");
    response.setHeader("Access-Control-Allow-Methods","GET");
    response.setHeader("Access-Control-Max-Age","3600");
    response.setHeader("Access-Control-Allow-Headers","Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With");


    model.addObject("message","Successss");
    model.setViewName("success");
    return model;

}
相关讨论

您需要在服务器端启用CORS过滤器。 添加以下代码并使用@Configuration进行注释

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
@Configuration
public class CorsFilter implements Filter {

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
        final HttpServletResponse response = (HttpServletResponse) res;
        response.setHeader("Access-Control-Allow-Origin","*");
        response.setHeader("Access-Control-Allow-Methods","POST, PUT, GET, OPTIONS, DELETE");
        response.setHeader("Access-Control-Allow-Headers","Authorization, Content-Type");
        response.setHeader("Access-Control-Max-Age","3600");

            chain.doFilter(req, res);

    }
    @Override
    public void destroy() {
    }    
   @Override
    public void init(FilterConfig config) throws ServletException {
    }