我有一个正在使用Angular 2和Spring Boot开发的Web应用程序。我使用spring-boot-data-rest依赖性将我的存储库公开为HTTP端点。
在开发过程中,我在运行于端口8080的本地tomcat上运行后端spring boot项目。要开发前端,我使用angular-cli在端口4200上为Angular 2应用程序提供服务。在4200上运行的前端必须能够击中8080上暴露的端点,但这不起作用,因为:
如果这些是我手动在@RestController中键入的自定义端点,则可以像这样简单地添加@CrossOrigin批注:
@RestController
public class MyController {
@CrossOrigin(origins = "http://localhost:4200")
@RequestMapping(value = "/whatever")
public void whatever() {
//whatever
}
}
但是我显然无法对
spring-boot-data-rest暴露的端点执行此操作。那么,如何使这些端点可以从http://localhost:4200来源访问? 最佳答案
我使用了自定义的CORS过滤器使其工作:
/**
* Filter for enabling CORS support.
*/
@Component
public class CorsFilter extends OncePerRequestFilter {
@Override
protected void doFilterInternal(final HttpServletRequest request, final HttpServletResponse response,
final FilterChain filterChain) throws ServletException, IOException {
response.addHeader("Access-Control-Allow-Origin", "*");
response.addHeader("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT, PATCH, HEAD, OPTIONS");
response.addHeader("Access-Control-Allow-Headers", "Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers");
response.addHeader("Access-Control-Expose-Headers", "Access-Control-Allow-Origin, Access-Control-Allow-Credentials");
response.addHeader("Access-Control-Allow-Credentials", "true");
response.addIntHeader("Access-Control-Max-Age", 10);
filterChain.doFilter(request, response);
}
}