'访问控制允许来源'带弹簧靴

时间:2017-09-06 00:42:06

标签: java spring spring-boot cors

我在端口spring boot上公开的docker容器中运行了一个简单的8080服务,该容器正在调用mysql数据库。

当我点击localhost:8080/blogs时,我会回来[{"author":"Christopher Bolton","title":"Test Title 1","content":"This is some content","date":"2017-08-29"}]

当我直接在浏览器中点击它时,这工作正常。但是,当我从jQuery尝试时,我得到了正常的Access-Control-Allow-Origin

这是我的春季启动服务:

@SpringBootApplication
@RestController
public class ChrisboltonServiceApplication {

public static void main(String[] args) {
    SpringApplication.run(ChrisboltonServiceApplication.class, args);
}

@Autowired
private JdbcTemplate jdbcTemplate;

@CrossOrigin
@RequestMapping(path="/blogs")
public @ResponseBody Iterable<ChrisBolton> getAllUsers() {
    List<ChrisBolton> result = jdbcTemplate.query(
            "SELECT * FROM blog",
            (rs, rowNum) -> new ChrisBolton(rs.getString("author"), 
                                               rs.getString("title"), 
                                               rs.getString("content"), 
                                               rs.getDate("date"))
    );

    return result;
}
}

这是我的jQuery

$.ajax({
  url: "http://localhost:8080/blogs",
  crossDomain: true
}).done(function(data) {

  console.log(data);
});

但我仍然收到此错误:

XMLHttpRequest cannot load http://localhost:8080/blogs. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:3000' is therefore not allowed access.

我已经尝试this@CrossOrigin添加到getAllUsers()方法,我已经在课程级别尝试了。我还查看了this,因为我在端口3000上运行了我的UI。但该链接并非针对特定的春季。

修改

添加我的请求标题:

GET /blogs HTTP/1.1
Host: localhost:8080
Connection: keep-alive
Accept: */*
Origin: http://localhost:3000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) 
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 
Safari/537.36
Referer: http://localhost:3000/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.8

网络标签中的响应(Chrome):

[{"author":"Christopher Bolton","title":"Test Title 1","content":"This is some content","date":"2017-08-29"}]

所以看起来我正在网络选项卡中获取数据。但是,我的console.log(data)会生成Access-Control-Allow-Origin

3 个答案:

答案 0 :(得分:10)

尝试将此添加到您的应用中:

@SpringBootApplication
@RestController
public class ChrisboltonServiceApplication {

    @Bean
    public WebMvcConfigurer corsConfigurer() {
        return new WebMvcConfigurerAdapter() {
            @Override
            public void addCorsMappings(CorsRegistry registry) {
                registry.addMapping("/**").allowedOrigins("*");
            }
        };
    }

...

另外,请尝试从crossDomain: true删除$.ajax()

答案 1 :(得分:0)

如果您希望@CrossOrigin("http://localhost:8080")允许请求,可以将:8080添加到正确的方法中。这是一个端点/控制器的简单配置。当然,您也可以在那里使用变量进行自定义。

答案 2 :(得分:0)

只需在任何软件包中添加DevConfiguration,然后更新application.properties文件 

import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import org.springframework.web.servlet.config.annotation.CorsRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

@Configuration
@Profile("development")
public class DevConfiguration implements WebMvcConfigurer {
 
    @Override
    public void addCorsMappings(CorsRegistry registry) {
        registry.addMapping("/**")
                .allowedMethods("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS").allowedOrigins("*");
    }
}

更新application.properties文件

# application.properties
spring.profiles.active=development
server.port=8090
相关问题
最新问题