org.springframework.web.filter.CorsFilter Java Examples

The following examples show how to use org.springframework.web.filter.CorsFilter. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: SpringBootPlusCorsConfig.java    From spring-boot-plus with Apache License 2.0 8 votes vote down vote up
/**
 * CORS跨域设置
 *
 * @return
 */
@Bean
public FilterRegistrationBean corsFilter(SpringBootPlusCorsProperties corsProperties) {
    log.debug("corsProperties:{}", corsProperties);
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    CorsConfiguration corsConfiguration = new CorsConfiguration();
    // 跨域配置
    corsConfiguration.setAllowedOrigins(corsProperties.getAllowedOrigins());
    corsConfiguration.setAllowedHeaders(corsProperties.getAllowedHeaders());
    corsConfiguration.setAllowedMethods(corsProperties.getAllowedMethods());
    corsConfiguration.setAllowCredentials(corsProperties.isAllowCredentials());
    corsConfiguration.setExposedHeaders(corsProperties.getExposedHeaders());
    corsConfiguration.setMaxAge(corsConfiguration.getMaxAge());

    source.registerCorsConfiguration(corsProperties.getPath(), corsConfiguration);
    FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
    bean.setOrder(Ordered.HIGHEST_PRECEDENCE);
    bean.setEnabled(corsProperties.isEnable());
    return bean;
}
 
Example #2
Source File: GlobalCorsConfig.java    From leyou with Apache License 2.0 6 votes vote down vote up
@Bean
public CorsFilter corsFilter() {
    //1.添加CORS配置信息
    CorsConfiguration config = new CorsConfiguration();
    //1) 允许的域,不要写*,否则cookie就无法使用了
    config.addAllowedOrigin("http://manage.leyou.com");
    config.addAllowedOrigin("http://www.leyou.com");
    //2) 是否发送Cookie信息
    config.setAllowCredentials(true);
    //3) 允许的请求方式
    config.addAllowedMethod("OPTIONS");
    config.addAllowedMethod("POST");
    config.addAllowedHeader("*");

    //2.添加映射路径,我们拦截一切请求
    UrlBasedCorsConfigurationSource configSource = new UrlBasedCorsConfigurationSource();
    configSource.registerCorsConfiguration("/**", config);

    //3.返回新的CorsFilter.
    return new CorsFilter(configSource);
}
 
Example #3
Source File: WebAutoConfig.java    From yue-library with Apache License 2.0 6 votes vote down vote up
@Bean
@ConditionalOnMissingBean
@ConditionalOnProperty(prefix = "yue.cors", name = "allow", havingValue = "true", matchIfMissing = true)
public CorsFilter corsFilter(CorsProperties corsProperties) {
	final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
	final CorsConfiguration config = new CorsConfiguration();
	
	config.setAllowCredentials(true);
	config.setAllowedHeaders(Arrays.asList("*"));
	config.setAllowedMethods(Arrays.asList("*"));
	config.setAllowedOrigins(Arrays.asList("*"));
	config.setMaxAge(3600L);
	
	// 设置response允许暴露的Headers
	List<String> exposedHeaders = corsProperties.getExposedHeaders();
	if (exposedHeaders != null) {
		config.setExposedHeaders(exposedHeaders);
	} else {
		config.addExposedHeader("token");
	}
	
	source.registerCorsConfiguration("/**", config);
	
	log.info("【初始化配置-跨域】默认配置为true,当前环境为true:默认任何情况下都允许跨域访问 ... 已初始化完毕。");
	return new CorsFilter(source);
}
 
Example #4
Source File: CorsConfiguration.java    From zuihou-admin-boot with Apache License 2.0 6 votes vote down vote up
/**
 * attention:简单跨域就是GET,HEAD和POST请求,但是POST请求的"Content-Type"只能是application/x-www-form-urlencoded, multipart/form-data 或 text/plain
 * 反之,就是非简单跨域,此跨域有一个预检机制,说直白点,就是会发两次请求,一次OPTIONS请求,一次真正的请求
 */
@Bean
public CorsFilter corsFilter() {
    final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    final org.springframework.web.cors.CorsConfiguration config = new org.springframework.web.cors.CorsConfiguration();
    // 允许cookies跨域
    config.setAllowCredentials(true);
    // #允许向该服务器提交请求的URI,*表示全部允许,在SpringMVC中,如果设成*,会自动转成当前请求头中的Origin
    config.addAllowedOrigin("*");
    // #允许访问的头信息,*表示全部
    config.addAllowedHeader("*");
    // 预检请求的缓存时间(秒),即在这个时间段里,对于相同的跨域请求不会再预检了
    config.setMaxAge(18000L);
    // 允许提交请求的方法,*表示全部允许
    config.addAllowedMethod("OPTIONS");
    config.addAllowedMethod("HEAD");
    // 允许Get的请求类型
    config.addAllowedMethod("GET");
    config.addAllowedMethod("PUT");
    config.addAllowedMethod("POST");
    config.addAllowedMethod("DELETE");
    config.addAllowedMethod("PATCH");
    source.registerCorsConfiguration("/**", config);
    return new CorsFilter(source);
}
 
Example #5
Source File: GlobalCorsConfig.java    From mall-learning with Apache License 2.0 6 votes vote down vote up
/**
 * 允许跨域调用的过滤器
 */
@Bean
public CorsFilter corsFilter() {
    CorsConfiguration config = new CorsConfiguration();
    //允许所有域名进行跨域调用
    config.addAllowedOrigin("*");
    //允许跨越发送cookie
    config.setAllowCredentials(true);
    //放行全部原始头信息
    config.addAllowedHeader("*");
    //允许所有请求方法跨域调用
    config.addAllowedMethod("*");
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    source.registerCorsConfiguration("/**", config);
    return new CorsFilter(source);
}
 
Example #6
Source File: GlobalCorsConfig.java    From mall-learning with Apache License 2.0 6 votes vote down vote up
/**
 * 允许跨域调用的过滤器
 */
@Bean
public CorsFilter corsFilter() {
    CorsConfiguration config = new CorsConfiguration();
    //允许所有域名进行跨域调用
    config.addAllowedOrigin("*");
    //允许跨越发送cookie
    config.setAllowCredentials(true);
    //放行全部原始头信息
    config.addAllowedHeader("*");
    //允许所有请求方法跨域调用
    config.addAllowedMethod("*");
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    source.registerCorsConfiguration("/**", config);
    return new CorsFilter(source);
}
 
Example #7
Source File: GatewayConfiguration.java    From open-cloud with MIT License 6 votes vote down vote up
/**
 * 跨域配置
 *
 * @return
 */
@Bean
public FilterRegistrationBean corsFilter() {
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    CorsConfiguration config = new CorsConfiguration();
    config.setAllowCredentials(true);
    config.setAllowedHeaders(Lists.newArrayList(ALLOWED_HEADERS.split(",")));
    config.setAllowedOrigins(Lists.newArrayList(ALLOWED_ORIGIN.split(",")));
    config.setAllowedMethods(Lists.newArrayList(ALLOWED_METHODS.split(",")));
    config.setMaxAge(MAX_AGE);
    config.addExposedHeader(ALLOWED_EXPOSE);

    source.registerCorsConfiguration("/**", config);
    FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
    //最大优先级,设置0不好使
    bean.setOrder(Ordered.HIGHEST_PRECEDENCE);
    log.info("CorsFilter [{}]", bean);
    return bean;
}
 
Example #8
Source File: GlobalCorsConfig.java    From mall-swarm with Apache License 2.0 6 votes vote down vote up
/**
 * 允许跨域调用的过滤器
 */
@Bean
public CorsFilter corsFilter() {
    CorsConfiguration config = new CorsConfiguration();
    //允许所有域名进行跨域调用
    config.addAllowedOrigin("*");
    //允许跨越发送cookie
    config.setAllowCredentials(true);
    //放行全部原始头信息
    config.addAllowedHeader("*");
    //允许所有请求方法跨域调用
    config.addAllowedMethod("*");
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    source.registerCorsConfiguration("/**", config);
    return new CorsFilter(source);
}
 
Example #9
Source File: GlobalCorsConfig.java    From BigDataPlatform with GNU General Public License v3.0 6 votes vote down vote up
/**
 * 允许跨域调用的过滤器
 */
@Bean
public CorsFilter corsFilter() {
    CorsConfiguration config = new CorsConfiguration();
    //允许所有域名进行跨域调用
    config.addAllowedOrigin("*");
    //允许跨越发送cookie
    config.setAllowCredentials(true);
    //放行全部原始头信息
    config.addAllowedHeader("*");
    //允许所有请求方法跨域调用
    config.addAllowedMethod("*");
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    source.registerCorsConfiguration("/**", config);
    return new CorsFilter(source);
}
 
Example #10
Source File: GlobalCorsConfig.java    From mall-learning with Apache License 2.0 6 votes vote down vote up
/**
 * 允许跨域调用的过滤器
 */
@Bean
public CorsFilter corsFilter() {
    CorsConfiguration config = new CorsConfiguration();
    //允许所有域名进行跨域调用
    config.addAllowedOrigin("*");
    //允许跨越发送cookie
    config.setAllowCredentials(true);
    //放行全部原始头信息
    config.addAllowedHeader("*");
    //允许所有请求方法跨域调用
    config.addAllowedMethod("*");
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    source.registerCorsConfiguration("/**", config);
    return new CorsFilter(source);
}
 
Example #11
Source File: GlobalCorsConfig.java    From mall-tiny with Apache License 2.0 6 votes vote down vote up
/**
 * 允许跨域调用的过滤器
 */
@Bean
public CorsFilter corsFilter() {
    CorsConfiguration config = new CorsConfiguration();
    //允许所有域名进行跨域调用
    config.addAllowedOrigin("*");
    //允许跨越发送cookie
    config.setAllowCredentials(true);
    //放行全部原始头信息
    config.addAllowedHeader("*");
    //允许所有请求方法跨域调用
    config.addAllowedMethod("*");
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    source.registerCorsConfiguration("/**", config);
    return new CorsFilter(source);
}
 
Example #12
Source File: WebConfigurer.java    From cubeai with Apache License 2.0 5 votes vote down vote up
@Bean
public CorsFilter corsFilter() {
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    CorsConfiguration config = jHipsterProperties.getCors();
    if (config.getAllowedOrigins() != null && !config.getAllowedOrigins().isEmpty()) {
        log.debug("Registering CORS filter");
        source.registerCorsConfiguration("/api/**", config);
        source.registerCorsConfiguration("/management/**", config);
        source.registerCorsConfiguration("/v2/api-docs", config);
    }
    return new CorsFilter(source);
}
 
Example #13
Source File: ApplicationConfig.java    From ZTuoExchange_framework with MIT License 5 votes vote down vote up
@Bean
public FilterRegistrationBean corsFilter() {
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    CorsConfiguration config = new CorsConfiguration();
    config.addAllowedOrigin("*");
    config.setAllowCredentials(true);
    config.addAllowedHeader("*");
    config.addAllowedMethod("*");
    source.registerCorsConfiguration("/**", config);
    FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
    bean.setOrder(0);
    return bean;
}
 
Example #14
Source File: WebConfigurer.java    From java-microservices-examples with Apache License 2.0 5 votes vote down vote up
@Bean
public CorsFilter corsFilter() {
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    CorsConfiguration config = jHipsterProperties.getCors();
    if (config.getAllowedOrigins() != null && !config.getAllowedOrigins().isEmpty()) {
        log.debug("Registering CORS filter");
        source.registerCorsConfiguration("/api/**", config);
        source.registerCorsConfiguration("/management/**", config);
        source.registerCorsConfiguration("/v2/api-docs", config);
        source.registerCorsConfiguration("/*/api/**", config);
        source.registerCorsConfiguration("/*/management/**", config);
    }
    return new CorsFilter(source);
}
 
Example #15
Source File: WebConfigurer.java    From java-microservices-examples with Apache License 2.0 5 votes vote down vote up
@Bean
public CorsFilter corsFilter() {
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    CorsConfiguration config = jHipsterProperties.getCors();
    if (config.getAllowedOrigins() != null && !config.getAllowedOrigins().isEmpty()) {
        log.debug("Registering CORS filter");
        source.registerCorsConfiguration("/api/**", config);
        source.registerCorsConfiguration("/management/**", config);
        source.registerCorsConfiguration("/v2/api-docs", config);
    }
    return new CorsFilter(source);
}
 
Example #16
Source File: ConfigurerAdapter.java    From yshopmall with Apache License 2.0 5 votes vote down vote up
@Bean
public CorsFilter corsFilter() {
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    CorsConfiguration config = new CorsConfiguration();
    config.setAllowCredentials(true);
    config.addAllowedOrigin("*");
    config.addAllowedHeader("*");
    config.addAllowedMethod("*");
    source.registerCorsConfiguration("/**", config);
    return new CorsFilter(source);
}
 
Example #17
Source File: SecurityConfig.java    From yshopmall with Apache License 2.0 5 votes vote down vote up
public SecurityConfig(TokenProvider tokenProvider, CorsFilter corsFilter, JwtAuthenticationEntryPoint authenticationErrorHandler, JwtAccessDeniedHandler jwtAccessDeniedHandler, ApplicationContext applicationContext) {
    this.tokenProvider = tokenProvider;
    this.corsFilter = corsFilter;
    this.authenticationErrorHandler = authenticationErrorHandler;
    this.jwtAccessDeniedHandler = jwtAccessDeniedHandler;
    this.applicationContext = applicationContext;
}
 
Example #18
Source File: SecurityConfig.java    From macrozheng with Apache License 2.0 5 votes vote down vote up
/**
 * 允许跨域调用的过滤器
 */
@Bean
public CorsFilter corsFilter() {
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    CorsConfiguration config = new CorsConfiguration();
    config.addAllowedOrigin("*");
    config.setAllowCredentials(true);
    config.addAllowedHeader("*");
    config.addAllowedMethod("*");
    source.registerCorsConfiguration("/**", config);
    FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
    bean.setOrder(0);
    return new CorsFilter(source);
}
 
Example #19
Source File: ApplicationConfig.java    From ZTuoExchange_framework with MIT License 5 votes vote down vote up
@Bean
public FilterRegistrationBean corsFilter() {
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    CorsConfiguration config = new CorsConfiguration();
    config.addAllowedOrigin("*");
    config.setAllowCredentials(true);
    config.addAllowedHeader("*");
    config.addAllowedMethod("*");
    source.registerCorsConfiguration("/**", config);
    FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
    bean.setOrder(0);
    return bean;
}
 
Example #20
Source File: ContextConfig.java    From ZTuoExchange_framework with MIT License 5 votes vote down vote up
@Bean
public FilterRegistrationBean corsFilter() {
     UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
     CorsConfiguration config = new CorsConfiguration();
     config.addAllowedOrigin("*");
     config.setAllowCredentials(true);
     config.addAllowedHeader("*");
     config.addAllowedMethod("*");
     source.registerCorsConfiguration("/**", config);
     FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
     bean.setOrder(0);
     return bean;
}
 
Example #21
Source File: WebConfigurer.java    From cubeai with Apache License 2.0 5 votes vote down vote up
@Bean
public CorsFilter corsFilter() {
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    CorsConfiguration config = jHipsterProperties.getCors();
    if (config.getAllowedOrigins() != null && !config.getAllowedOrigins().isEmpty()) {
        log.debug("Registering CORS filter");
        source.registerCorsConfiguration("/api/**", config);
        source.registerCorsConfiguration("/management/**", config);
        source.registerCorsConfiguration("/v2/api-docs", config);
    }
    return new CorsFilter(source);
}
 
Example #22
Source File: WebConfigurer.java    From flair-engine with Apache License 2.0 5 votes vote down vote up
@Bean
public CorsFilter corsFilter() {
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    CorsConfiguration config = jHipsterProperties.getCors();
    if (config.getAllowedOrigins() != null && !config.getAllowedOrigins().isEmpty()) {
        log.debug("Registering CORS filter");
        source.registerCorsConfiguration("/api/**", config);
        source.registerCorsConfiguration("/v2/api-docs", config);
    }
    return new CorsFilter(source);
}
 
Example #23
Source File: SecurityConfig.java    From HIS with Apache License 2.0 5 votes vote down vote up
/**
 * 允许跨域调用的过滤器
 */
@Bean
public CorsFilter corsFilter() {
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    CorsConfiguration config = new CorsConfiguration();
    config.addAllowedOrigin("*");
    config.setAllowCredentials(true);
    config.addAllowedHeader("*");
    config.addAllowedMethod("*");
    source.registerCorsConfiguration("/**", config);
    FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
    bean.setOrder(0);
    return new CorsFilter(source);
}
 
Example #24
Source File: SecurityConfig.java    From HIS with Apache License 2.0 5 votes vote down vote up
/**
 * 允许跨域调用的过滤器
 */
@Bean
public CorsFilter corsFilter() {
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    CorsConfiguration config = new CorsConfiguration();
    config.addAllowedOrigin("*");
    config.setAllowCredentials(true);
    config.addAllowedHeader("*");
    config.addAllowedMethod("*");
    source.registerCorsConfiguration("/**", config);
    FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
    bean.setOrder(0);
    return new CorsFilter(source);
}
 
Example #25
Source File: CorsConfig.java    From code with Apache License 2.0 5 votes vote down vote up
@Bean
public CorsFilter corsFilter() {
	final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
	final CorsConfiguration config = new CorsConfiguration();

	config.setAllowCredentials(true);
	config.setAllowedOrigins(Collections.singletonList("*")); //http:www.a.com
	config.setAllowedHeaders(Collections.singletonList("*"));
	config.setAllowedMethods(Collections.singletonList("*"));
	config.setMaxAge(300L);

	source.registerCorsConfiguration("/**", config);
	return new CorsFilter(source);
}
 
Example #26
Source File: SecurityConfig.java    From HIS with Apache License 2.0 5 votes vote down vote up
/**
 * 允许跨域调用的过滤器
 */
@Bean
public CorsFilter corsFilter() {
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    CorsConfiguration config = new CorsConfiguration();
    config.addAllowedOrigin("*");
    config.setAllowCredentials(true);
    config.addAllowedHeader("*");
    config.addAllowedMethod("*");
    source.registerCorsConfiguration("/**", config);
    FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
    bean.setOrder(0);
    return new CorsFilter(source);
}
 
Example #27
Source File: SecurityConfig.java    From HIS with Apache License 2.0 5 votes vote down vote up
/**
 * 允许跨域调用的过滤器
 */
@Bean
public CorsFilter corsFilter() {
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    CorsConfiguration config = new CorsConfiguration();
    config.addAllowedOrigin("*");
    config.setAllowCredentials(true);
    config.addAllowedHeader("*");
    config.addAllowedMethod("*");
    source.registerCorsConfiguration("/**", config);
    FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
    bean.setOrder(0);
    return new CorsFilter(source);
}
 
Example #28
Source File: ApiGatewayApplication.java    From java-microservices-examples with Apache License 2.0 5 votes vote down vote up
@Bean
public FilterRegistrationBean<CorsFilter> simpleCorsFilter() {
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    CorsConfiguration config = new CorsConfiguration();
    config.setAllowCredentials(true);
    config.setAllowedOrigins(Collections.singletonList("*"));
    config.setAllowedMethods(Collections.singletonList("*"));
    config.setAllowedHeaders(Collections.singletonList("*"));
    source.registerCorsConfiguration("/**", config);
    FilterRegistrationBean<CorsFilter> bean = new FilterRegistrationBean<>(new CorsFilter(source));
    bean.setOrder(Ordered.HIGHEST_PRECEDENCE);
    return bean;
}
 
Example #29
Source File: GateWayCorsConfig.java    From cloud-template with MIT License 5 votes vote down vote up
@Bean
public CorsFilter corsFilter() {
    final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    final CorsConfiguration corsConfiguration = new CorsConfiguration();
    corsConfiguration.setAllowCredentials(true);
    corsConfiguration.addAllowedHeader("*");
    corsConfiguration.addAllowedOrigin("*");
    corsConfiguration.addAllowedMethod("*");
    source.registerCorsConfiguration("/**", corsConfiguration);
    return new CorsFilter(source);
}
 
Example #30
Source File: ApplicationConfig.java    From ZTuoExchange_framework with MIT License 5 votes vote down vote up
@Bean
public FilterRegistrationBean corsFilter() {
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    CorsConfiguration config = new CorsConfiguration();
    config.addAllowedOrigin("*");
    config.setAllowCredentials(true);
    config.addAllowedHeader("*");
    config.addAllowedMethod("*");
    source.registerCorsConfiguration("/**", config);
    FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
    bean.setOrder(0);
    return bean;
}