前端解决跨域问题
$.ajax(
'http://xx.xx.xx.xx:8090/xx/xx',
{
method:"POST",
contentType:"application/x-www-form-urlencoded;charset=utf-8",
dataType:"json",
data:data,
success:function(res){
...
}
});
服务端解决跨域问题
//告诉浏览器允许所有的域访问
//注意 * 不能满足带有cookie的访问,Origin 必须是全匹配
//resp.addHeader("Access-Control-Allow-Origin", "*");
//解决办法通过获取Origin请求头来动态设置
String origin = request.getHeader("Origin");
if (StringUtils.hasText(origin)) {
resp.addHeader("Access-Control-Allow-Origin", origin);
}
//允许带有cookie访问
resp.addHeader("Access-Control-Allow-Credentials", "true");
//告诉浏览器允许跨域访问的方法
resp.addHeader("Access-Control-Allow-Methods", "*");
//告诉浏览器允许带有Content-Type,header1,header2头的请求访问
//resp.addHeader("Access-Control-Allow-Headers", "Content-Type,header1,header2");
//设置支持所有的自定义请求头
String headers = request.getHeader("Access-Control-Request-Headers");
if (StringUtils.hasText(headers)){
resp.addHeader("Access-Control-Allow-Headers", headers);
}
//告诉浏览器缓存OPTIONS预检请求1小时,避免非简单请求每次发送预检请求,提升性能
resp.addHeader("Access-Control-Max-Age", "3600");