一般是前后端分离 跨域了
拦截器添加代码
response.setHeader("Access-Control-Allow-Credentials","true");
@Component public class ComInterceptor extends HandlerInterceptorAdapter { @Autowired IUserDao userDao; @Autowired IMethodDao methodDao; // 请求之前调用(Controller 方法之前调用) @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
response.setHeader("Access-Control-Allow-Credentials","true"); HttpSession session = request.getSession(); User user = (User) session.getAttribute("USER"); JudgeCast.cast(user, ResponseCode.NOT_LOGIN); Site siteInfo = userDao.findSiteByUserId(user.getId()); Cache.methods = methodDao.findMethodBySiteId(siteInfo.getId()); System.out.println(Cache.methods); return true; } }
或者添加配置类
@Configuration public class CorsConfig { @Bean public CorsFilter corsFilter() { final UrlBasedCorsConfigurationSource urlBasedCorsConfigurationSource = new UrlBasedCorsConfigurationSource(); final CorsConfiguration corsConfiguration = new CorsConfiguration(); /*是否允许请求带有验证信息*/ corsConfiguration.setAllowCredentials(true); /*允许访问的客户端域名*/ corsConfiguration.addAllowedOrigin("*"); /*允许服务端访问的客户端请求头*/ corsConfiguration.addAllowedHeader("*"); /*允许访问的方法名,GET POST等*/ corsConfiguration.addAllowedMethod("*"); urlBasedCorsConfigurationSource.registerCorsConfiguration("/**", corsConfiguration); return new CorsFilter(urlBasedCorsConfigurationSource); } }
原文:https://www.cnblogs.com/chenziyue/p/12659052.html