1 @Bean
2 public FilterRegistrationBean corsFilter() {
3 final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
4 final CorsConfiguration config = new CorsConfiguration();
5 config.setAllowCredentials(true);
6 // 本地静态文件访问
7 config.addAllowedOrigin("null");
8 config.addAllowedOrigin("https://consol.cn");
9 config.addAllowedOrigin("https://api-.cn");
10 config.addAllowedHeader(SymbolConsts.SYMBOL_1);
11 config.addAllowedMethod("GET");
12 config.addAllowedMethod("POST");
13 config.addAllowedMethod("OPTIONS");
14 config.addAllowedMethod("DELETE");
15
16 config.setMaxAge(18000L);
17 source.registerCorsConfiguration("/**", config);
18 CorsFilter corsFilter = new CorsFilter(source);
19
20 // 处理SpringSecurity Filter在之前的问题
21 FilterRegistrationBean<CorsFilter> filterRegistrationBean=new FilterRegistrationBean<>(corsFilter);
22 // 小于 SpringSecurity Filter的 Order(-100) 即可
23 filterRegistrationBean.setOrder(-101);
24
25 return filterRegistrationBean;
26 // return new CorsFilter(source);
27
28 }
标签:addAllowedMethod,跨域,spring,boot,source,addAllowedOrigin,FilterRegistrationBean,n From: https://www.cnblogs.com/hyiam/p/18350445