JAVA阻止程序,解决JAVA结果域之间的问题-has been blocked by CORS policy
面临的问题:在拦截器上进行权限控制,在没有权限时返回json值,结果在前端请求时被指示穿越域
注:前端站点和后端站点不是地址
报错1:
accesstoxmlhttprequestat ' http://localhost :8089/appc ICD/appinfo/getappinfos ' from origin ' http://localhost :8000 ' hasbeenblockedbycorspolicy : the ' access-control-allow-origin ' ' thatisnotequaltothesuppliedorigin.index.js 336079 error : networkerroratcreateerror.js
报错2:
accesstoxmlhttprequestat ' http://localhost :8089/appc ICD/appinfo/getappinfos ' from origin ' http://localhost :8000 ' hasbeenblockedbycorspolicy : the value of the ' acccess-control-allow-allow ' * ' when the request ' scredentialsmodeis ' include '.thecredentialsmodeofrequestsinitiatedbythexmlhttprequestiscontroledbythewythewewetttttpredttttid bycorspolicy : no ' access-control-allow-origin ' headerispresentontherequestedresource。
说明:
原因是错误1完全没有设置域间许可,错误2设置了域间许可,但域名设置为*,不允许设置*通配符
解决方法: 1、解决请求源的域名
2、将请求的域名设置为域间许可
具体代码实现如下
@ overridepublicbooleanprehandle (httpservletrequestrequest,http servlet响应,对象处理程序) throwsioexception //charset=UTF-8 '; stringoriginalurl=request.get header (' origin ); 原始URL!=null(logger.info )、request.getheader )、origin ); response.add header (访问控制- allow-origin ),originalURL ); } response.add header (' access-control-allow-credentials ',' true ' ); servletoutputstreamoutputstream=response.get output stream (JSON对象结果=new JSON对象(; result.put (resp代码),-11 ); result.put('errmsg ','用户没有此操作权限!' ); output stream.write (JSON object.tojsonstring (result ).getBytes ); 返回假; } *如果要共同配置服务器上的接口以允许跨域,请参阅其他随笔。