cors

2025-08-05 16:24:26 +08:00 · 2025-08-05 16:24:26 +08:00 · d82c91aa56
commit d82c91aa56
parent 17ebba7b85
2 changed files with 14 additions and 38 deletions
--- a/pom.xml
+++ b/pom.xml
@ -21,10 +21,6 @@
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter</artifactId>
 		</dependency>
-		<dependency>
-			<groupId>org.springframework.boot</groupId>
-			<artifactId>spring-boot-starter-web</artifactId>
-		</dependency>
 		<dependency>
 			<groupId>com.jujia</groupId>
 			<artifactId>jujia-common-config</artifactId>
--- a/src/main/java/com/example/config/CorsConfig.java
+++ b/src/main/java/com/example/config/CorsConfig.java
@ -2,45 +2,25 @@ package com.example.config;

 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.stereotype.Component;
 import org.springframework.web.cors.CorsConfiguration;
-import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
-import org.springframework.web.filter.CorsFilter;
+import org.springframework.web.cors.reactive.CorsWebFilter;
+import org.springframework.web.cors.reactive.UrlBasedCorsConfigurationSource;

-import javax.servlet.*;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-
-/**
- * @Author cuiJiaWang
- * @Create 2025-08-05 16:06
- */
@Configuration
-public class CorsConfig  {
-    @Component
-    public class CorsFilter implements Filter {
+public class CorsConfig {

-        @Override
-        public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
-                throws IOException, ServletException {
+    @Bean
+    public CorsWebFilter corsWebFilter() {
+        CorsConfiguration config = new CorsConfiguration();
+        config.addAllowedOriginPattern("*");  // 允许所有域（生产环境建议指定具体域名）
+        config.addAllowedMethod("*");         // 允许所有HTTP方法
+        config.addAllowedHeader("*");         // 允许所有请求头
+        config.setAllowCredentials(true);     // 允许携带凭证
+        config.setMaxAge(3600L);              // 预检请求缓存时间(秒)

-            HttpServletResponse response = (HttpServletResponse) res;
-            HttpServletRequest request = (HttpServletRequest) req;
+        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+        source.registerCorsConfiguration("/**", config);  // 应用于所有路径

-            response.setHeader("Access-Control-Allow-Origin", "*");
-            response.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
-            response.setHeader("Access-Control-Max-Age", "3600");
-            response.setHeader("Access-Control-Allow-Headers", "*");
-            response.setHeader("Access-Control-Allow-Credentials", "false");
-
-            if ("OPTIONS".equalsIgnoreCase(request.getMethod())) {
-                response.setStatus(HttpServletResponse.SC_OK);
-            } else {
-                chain.doFilter(req, res);
-            }
-        }
+        return new CorsWebFilter(source);
    }
-
-
 }