Springboot 2.0.2 - 解决 PUT 和 DELETE 的 CORS

Posted

技术标签:

【中文标题】Springboot 2.0.2 - 解决 PUT 和 DELETE 的 CORS【英文标题】:Springboot 2.0.2 - Resolving CORS for PUT and DELETE 【发布时间】:2018-11-26 20:30:25 【问题描述】:

我在我的 RestController 中使用了 @CrossOrigin 注释。我所有的GET 请求都运行良好。但我正在努力处理 PUTDELETE 请求。我收到错误:

HttpErrorResponse headers: HttpHeaders, status: 405, statusText: "OK", url: "http://localhost:8080/api/delete/1", ok: false, …

请注意,我没有对 API 使用任何身份验证

我的休息控制器(在类级别上用 @CrossOrigin 注释):

//Rest Controller

@PutMapping(path = "edit/id", produces = MediaType.APPLICATION_JSON_VALUE,
        consumes = MediaType.APPLICATION_JSON_VALUE)
public void editRecipient(@PathVariable("id") Long id,
                          @RequestBody RecipientEntity recipient)
    service.updateRecipient(id, recipient);


@DeleteMapping(path = "delete/id",  produces = MediaType.APPLICATION_JSON_VALUE)
public void deleteRecipient(@PathVariable("id") Long id) throws NotFoundException 
    service.deleteRecipient(id);

这是我的配置文件:

@Configuration
public class WebConfig 

@Bean
public FilterRegistrationBean corsFilter() 
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    CorsConfiguration config = new CorsConfiguration();
    config.setAllowCredentials(true);
    config.addAllowedOrigin("*");
    config.addAllowedHeader("*");
    config.addAllowedMethod("*");
    source.registerCorsConfiguration("/**", config);
    FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
    bean.setOrder(0);
    return bean;

【问题讨论】:

【参考方案1】:

添加组件CORSFilter 

@Component
public class CORSFilter implements Filter 
    public void init(FilterConfig filterConfig) throws ServletException 
    

    public void doFilter(ServletRequest servletRequest, ServletResponse res, FilterChain filterChain) throws IOException, ServletException 
        HttpServletResponse response = (HttpServletResponse) res;
        response.setHeader("Access-Control-Allow-Origin", "*");
        response.setHeader("Access-Control-Allow-Credentials", "true");
        response.setHeader("Access-Control-Allow-Methods", "POST, GET, PUT, OPTIONS, DELETE");
        response.setHeader("Access-Control-Max-Age", "3600");
        response.setHeader("Access-Control-Allow-Headers", "X-Requested-With, Content-Type, Authorization, Origin, Accept, Access-Control-Request-Method, Access-Control-Request-Headers");
        filterChain.doFilter(servletRequest, res);
    

    public void destroy()

在春季配置中

@Configuration
public class WebConfig 

    @Autowired
    private CORSFilter corsFilter;

    @Bean
    public FilterRegistrationBean corsFilter() 
        FilterRegistrationBean registration = new FilterRegistrationBean();
        registration.setFilter(corsFilter);
        registration.addUrlPatterns("/*");
        registration.setName("corsFilter");
        registration.setOrder(1);
        return registration;

谢谢,

【讨论】:

我查看了 spring.io 资源和其他相关的堆栈溢出问题。我不确定我错过了什么。我是否需要进行任何配置才能使上述代码正常工作? 您可以添加类 CORSFilter.java 和配置文件 WebConfig.java 与我相同的代码示例。 这里有同样的问题(2.0.3)。 GET 可以,但 PUT 和 DELETE 不起作用...有消息吗? 请帮忙分享你的代码,我会调查这个问题?【参考方案2】:

我已经在我的控制器中添加了这个:

@CrossOrigin(origins = "*", maxAge = 3600L)

我还以这种方式创建了一个过滤器类:

@Component
@Order(Ordered.HIGHEST_PRECEDENCE)
public class CORSFilter implements Filter 

    /**
     * CORS filter for http-request and response
     */
    public CORSFilter() 
    

    /**
     * Do Filter on every http-request.
     */
    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException 
        HttpServletResponse response = (HttpServletResponse) res;
        HttpServletRequest request = (HttpServletRequest) req;
        response.setHeader("Access-Control-Allow-Origin", "*");
        response.setHeader("Access-Control-Allow-Methods", "POST, PUT, GET, OPTIONS, DELETE");
        response.setHeader("Access-Control-Max-Age", "3600");
        response.setHeader("Access-Control-Allow-Headers", "access_token, authorization, content-type");

        if ("OPTIONS".equalsIgnoreCase(request.getMethod())) 
            response.setStatus(HttpServletResponse.SC_OK);
         else 
            chain.doFilter(req, res);
        
    

    /**
     * Destroy method
     */
    @Override
    public void destroy() 
    

    /**
     * Initialize CORS filter
     */
    @Override
    public void init(FilterConfig arg0) throws ServletException

现在一切正常!

希望能帮到你!

【讨论】:

以上是关于Springboot 2.0.2 - 解决 PUT 和 DELETE 的 CORS的主要内容,如果未能解决你的问题,请参考以下文章

spring boot 2.0 之后发送delete,put请求问题

springboot接收delete或者put方法体参数

springboot使用SpringBoot基础HTTP接口GET|POST|DELETE|PUT请求

spring,springmv,springboot解决跨域问题

SpringBoot 2.x 版本以put方式提交表单不生效的问题详解

SpringBoot 2.x 版本以put方式提交表单不生效的问题详解