1 @Bean 2 public FilterRegistrationBean corsFilter() { 3 final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); 4 final CorsConfiguration config = new CorsConfiguration(); 5 config.setAllowCredentials(true); 6 // 本地静态文件访问 7 config.addAllowedOrigin("null"); 8 config.addAllowedOrigin("https://consol.cn"); 9 config.addAllowedOrigin("https://api-.cn"); 10 config.addAllowedHeader(SymbolConsts.SYMBOL_1); 11 config.addAllowedMethod("GET"); 12 config.addAllowedMethod("POST"); 13 config.addAllowedMethod("OPTIONS"); 14 config.addAllowedMethod("DELETE"); 15 16 config.setMaxAge(18000L); 17 source.registerCorsConfiguration("/**", config); 18 CorsFilter corsFilter = new CorsFilter(source); 19 20 // 处理SpringSecurity Filter在之前的问题 21 FilterRegistrationBean<CorsFilter> filterRegistrationBean=new FilterRegistrationBean<>(corsFilter); 22 // 小于 SpringSecurity Filter的 Order(-100) 即可 23 filterRegistrationBean.setOrder(-101); 24 25 return filterRegistrationBean; 26 // return new CorsFilter(source); 27 28 }
标签:addAllowedMethod,跨域,spring,boot,source,addAllowedOrigin,FilterRegistrationBean,n From: https://www.cnblogs.com/hyiam/p/18350445