The 'Access-Control-Allow-Origin' header has a value 'http://localhost:28080' that is not equal to t

其他 2020-03-24 21:09:17 阅读次数: 0

记录一个问题

在学习shiro+cas 前后端分离单点登录过程中,遇到跨域重定向的问题

其中登录后,在访问cas客户端的controller时,浏览器出现了这个跨域问题

Access to XMLHttpRequest at 'http://127.0.0.1:18081/blog-backend/shiro/hello' (redirected from 'http://localhost:28080/blog-backend/blog/save') from origin 'http://localhost:28080' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'http://localhost:28080' that is not equal to the supplied origin.

cas客户端的跨域访问配置

package com.jsong.wiki.backend.interceptor;

import lombok.extern.log4j.Log4j2;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

@Component
@Log4j2
public class CommonInterceptor implements HandlerInterceptor {

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) {
        log.info("拦截器");
//        response.setHeader("Access-Control-Allow-Origin", "null");
        response.setHeader("Access-Control-Allow-Origin", "http://localhost:28080");
        if (request.getMethod().equals("OPTIONS")) {
            response.addHeader("Access-Control-Allow-Methods", "GET,HEAD,POST,PUT,DELETE,TRACE,OPTIONS,PATCH");
            response.addHeader("Access-Control-Allow-Headers", "Content-Type,Accept,Authorization");
        }
        return true;
    }
}

浏览器的请求源是http://localhost:28080
cas客户端配置的"Access-Control-Allow-Origin", “http://localhost:28080”
但是还是报源不同,不知道为什么

cas客户端配置改成
response.setHeader(“Access-Control-Allow-Origin”, “null”)
就没有问题了,不知道为什么
太菜了,还是没搞懂cas的原理,先记录一下问题

最后cas客户端配置

package com.jsong.wiki.backend.interceptor;

import lombok.extern.log4j.Log4j2;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

@Component
@Log4j2
public class CommonInterceptor implements HandlerInterceptor {

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) {
        log.info("拦截器");
        response.setHeader("Access-Control-Allow-Origin", "null");
//        response.setHeader("Access-Control-Allow-Origin", "http://localhost:28080");
        if (request.getMethod().equals("OPTIONS")) {
            response.addHeader("Access-Control-Allow-Methods", "GET,HEAD,POST,PUT,DELETE,TRACE,OPTIONS,PATCH");
            response.addHeader("Access-Control-Allow-Headers", "Content-Type,Accept,Authorization");
        }
        return true;
    }
}
宋大王
发布了83 篇原创文章 · 获赞 21 · 访问量 5万+
私信 关注

猜你喜欢

转载自blog.csdn.net/JsongNeu/article/details/104545167
今日推荐
周排行
Access的四舍五入取整
8.23 前端学习过程
入门学习过程方向与漏洞复现总结:
操作分布式文件之八:如何批量并行读写远程文件和事务补偿处理
应邀出个教程 (搭建tensorflow跑网络环境)
Kubernetes之Pod控制器应用进阶
14-[mysql内置功能]--
HDU6212 区间dp 好题
VS2015生成代码图
验证手机号的工具类
每日归档
更多
2024-10-21(0)
2024-10-20(0)
2024-10-19(0)
2024-10-18(0)
2024-10-17(0)
2024-10-16(0)
2024-10-15(0)
2024-10-14(0)
2024-10-13(0)
2024-10-12(0)

代码天地 © 2018 codetd.com

境外服务器   最新电视剧2022