问题描述

springboot项目 在跨域名调用接口，并且需要传自定义的请求头时报错：

Access to XMLHttpRequest at 'http://ydatestapi.libawall.com/admin/equipment//notSelectPageResultByQuery?pageSize=10&pageIndex=1&isPagination=true&searchNumber=' from origin 'http://localhost:8080' has been blocked by CORS policy: Request header field x-access-token is not allowed by Access-Control-Allow-Headers in preflight response.

解决办法

添加统一配置response允许请求头

例如需要传 X-Access-Token 请求头，添加如下配置：

import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;


@Component
public class AddResponseHeaderFilter extends OncePerRequestFilter {

    @Override
    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse,
                                    FilterChain filterChain) throws ServletException, IOException {
        httpServletResponse.addHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, X-Access-Token");
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }
}