
问题描述
springboot项目 在跨域名调用接口,并且需要传自定义的请求头时报错:
Access to XMLHttpRequest at 'http://ydatestapi.libawall.com/admin/equipment//notSelectPageResultByQuery?pageSize=10&pageIndex=1&isPagination=true&searchNumber=' from origin 'http://localhost:8080' has been blocked by CORS policy: Request header field x-access-token is not allowed by Access-Control-Allow-Headers in preflight response.
解决办法
添加统一配置response允许请求头
例如需要传 X-Access-Token
请求头,添加如下配置:
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
@Component
public class AddResponseHeaderFilter extends OncePerRequestFilter {
@Override
protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse,
FilterChain filterChain) throws ServletException, IOException {
httpServletResponse.addHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, X-Access-Token");
filterChain.doFilter(httpServletRequest, httpServletResponse);
}
}