gateway cors 跨域配置

发表于 更新于 阅读次数: 阅读次数:

方法一:Spring Cloud Gateway中处理跨域请求

Gateway的cors配置不一样,需要增加webFilter

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
package com.yunlsp.gateway.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.web.cors.reactive.CorsUtils;
import org.springframework.web.server.ServerWebExchange;
import org.springframework.web.server.WebFilter;
import org.springframework.web.server.WebFilterChain;
import reactor.core.publisher.Mono;
import java.util.Arrays;
import java.util.List;
/**
* gateway CORS配置
*
* @author 蒋时华
* @date 2018/10/11
*/
@Configuration
public class ServiceCorsFilter {
private final StringALL ="*";
    private final StringMAX_AGE ="18000L";
    private final ListURL_LIST = Arrays.asList(
            // 海博充值商品列表     
            "/prerecordService/public/prerecord/good/passportList",
            // 海博充值下单
            "/prerecordService/prerecord/pay/passportOrder",
            // 验证海博订单支付状态
            "/prerecordService/prerecord/pay/validOrderStatus",
            // pc登录
            "/userService/public/user/pcLogin"
    );

    @Bean
    public WebFiltercorsFilter() {
            return (ServerWebExchange ctx, WebFilterChain chain) -> {
                        ServerHttpRequest request = ctx.getRequest();
                        if (!CorsUtils.isCorsRequest(request)) {
                            return chain.filter(ctx);
                        }
                        // 是否是允许跨域的接口
                        if(URL_LIST.contains(ctx.getRequest().getURI().getPath())){
                            return chain.filter(ctx);
                        }
                        HttpHeaders requestHeaders = request.getHeaders();
                        ServerHttpResponse response = ctx.getResponse();
                        HttpMethod requestMethod = requestHeaders.getAccessControlRequestMethod();
                        HttpHeaders headers = response.getHeaders();
                        headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, requestHeaders.getOrigin());
                        headers.addAll(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS,                         requestHeaders.getAccessControlRequestHeaders());
                        if (requestMethod !=null) {
                            headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, requestMethod.name());
                        }
                        headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");                      headers.add(HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS, ALL);                       headers.add(HttpHeaders.ACCESS_CONTROL_MAX_AGE, MAX_AGE);
                        if (request.getMethod() == HttpMethod.OPTIONS) {                           response.setStatusCode(HttpStatus.OK);
                            return Mono.empty();
                        }
                        return chain.filter(ctx);
            };
        }
    }

方法二:gateway.yml 配置文件【 此方式,只能使用get方式请求,问题暂时未知 】

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
spring:
    cloud:
        gateway:
            ## 跨域配置,需要ServiceCorsFilter.java配置文件一起使用, 否则只能使用get请求
            globalcors:
                cors-configurations:
                    '[/prerecordService/public/prerecord/good/passportList]':
                        allowedOrigins:'*'
                        allowedMethods:
                            - GET
                            - OPTIONS
                        allowedHeaders:
                            - x-requested-with
                            - Content-Type
                            - content-type
                        allowCredentials: false
                        exposedHeaders:
                            - Content-Type
                            - content-type
                            maxAge: 3600
                    '[........]'