我使用Sppring boot创建了一个REST上传服务:
@CrossOrigin
@RestController
@RequestMapping("/upload")
public class FileUploadHandler {
@PostMapping("/doUpload")
public String handleFileUpload(@RequestParam("file") MultipartFile file, RedirectAttributes redirectAttributes) {
if (!file.isEmpty()) {
try {
byte[] bytes = file.getBytes();
BufferedOutputStream stream = new BufferedOutputStream(
new FileOutputStream(new File(file.getName() + "-uploaded")));
stream.write(bytes);
stream.close();
return "You successfully uploaded " + file.getName() + " into " + file.getName() + "-uploaded !";
} catch (Exception e) {
return "You failed to upload " + file.getName() + " => " + e.getMessage();
}
} else {
redirectAttributes.addFlashAttribute("message",
"You successfully uploaded " + file.getOriginalFilename() + "!");
return "Some error... ";
}
}
}
我正在使用Angular2 + webpack客户端来使用该服务。问题是当我尝试访问该服务时,我得到一个CROS块。
XMLHttpRequest cannot load http://localhost:8080/kti-cms-spring/upload/doUpload. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://ac1068:8080' is therefore not allowed access.
我使用glassfish4作为应用程序服务器。
我的配置:
@Configuration
@ComponentScan("de.awinta.kti.cms")
public class MainConfig {
@Bean
public FilterRegistrationBean corsFilter() {
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
CorsConfiguration config = new CorsConfiguration();
config.setAllowCredentials(true);
// likely you should limit this to specific origins
config.addAllowedOrigin("*");
config.addAllowedHeader("*");
config.addAllowedMethod("*");
config.setAllowCredentials(Boolean.TRUE);
source.registerCorsConfiguration("/**", config);
FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
bean.setOrder(0);
return bean;
}
}
应用入口点
@SpringBootApplication
public class KtiCmsApplication extends SpringBootServletInitializer {
public static void main(String[] args) {
SpringApplication.run(KtiCmsApplication.class, args);
}
@Override
protected SpringApplicationBuilder configure(SpringApplicationBuilder application) {
return application.sources(applicationClass);
}
private static Class<KtiCmsApplication> applicationClass = KtiCmsApplication.class;
}
我没有想法如何让这个工作,并且正在考虑尝试普通的旧JAX-RS进行服务曝光。也许有人在这里有一个关于如何使用弹簧工作的想法。
答案 0 :(得分:0)
我没有在您的代码中看到特定错误,但以下代码段可能会帮助您运行CORS。这就是我在Ember.js作为Frontend的春季启动项目中设置cors的方法。
尝试使用CorsFilter Bean将Configuration类CorsConfig添加到项目中:
package your.app.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;
@Configuration
public class CorsConfig {
public CorsConfig() {
}
@Bean
public CorsFilter corsFilter() {
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
CorsConfiguration config = new CorsConfiguration();
config.setAllowCredentials(true);
// likely you should limit this to specific origins
config.addAllowedOrigin("*");
config.addAllowedHeader("*");
config.addAllowedMethod("OPTIONS");
config.addAllowedMethod("HEAD");
config.addAllowedMethod("GET");
config.addAllowedMethod("PUT");
config.addAllowedMethod("POST");
config.addAllowedMethod("DELETE");
config.addAllowedMethod("PATCH");
config.setAllowCredentials(Boolean.TRUE);
source.registerCorsConfiguration("/**", config);
return new CorsFilter(source);
}
}
将@CrossOrigin添加到控制器(就像您已经拥有的那样)
这些doc和SO问题帮助我实现了这个目标: