@CrossOrigin添加到对应需要跨域的接口类或方法上,不加任何参数默认是所有网站都可以访问!鄙人技术有限,在用拦截器做完登陆验证,无法通过拦截器实现未被拦截器拦截接口的跨域功能,故另辟蹊径使用注解完成未被拦截接口的跨域功能。
public class isLoginInterceptor implements HandlerInterceptor {
//在请求处理的方法之前执行
//如果返回true执行下一个拦截器
//如果返回false就不执行下一个拦截器
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
System.out.println("---------------处理前---------------");
// System.out.println(request.getHeader(HttpHeaders.ORIGIN) + "origin");
// System.out.println(request.getMethod());
if (request.getHeader(HttpHeaders.ORIGIN) != null) {
//支持跨域这里手动为相应包添加允许跨域的属性,只对浏览器的options预先请求生效
response.addHeader("Access-Control-Allow-Origin", request.getHeader(HttpHeaders.ORIGIN));// origin 为请求接口的站点主域名
response.addHeader("Access-Control-Allow-Credentials", "true");
response.addHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE, PUT, HEAD");
response.addHeader("Access-Control-Allow-Headers", "Content-Type");
response.addHeader("Access-Control-Max-Age", "3600");
return true;
}
User user = (User) request.getSession(false).getAttribute("USER_SESSION");
System.out.println(user + "interceptor");
if (user == null) {
System.out.println("user == null ");
return false;
} else
return true;
}
//在请求处理方法执行之后执行
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
System.out.println("---------------处理后---------------");
}
//在dispatcherServlet处理后执行,做清理工作
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
System.out.println("---------------清理---------------");
}
}
// 由于我没有测试成功,在这里就不贴出代码了。
原文:https://www.cnblogs.com/lambertlt/p/14868601.html