这是一个contoller,它返回所有区域对象
CORS策略已阻止访问“http://localhost:8080/from origin”http://localhost:3000"上得XMLHttpRequest:请求得资源上不存在“access-control-allow-origin'标头。
package com.ministry.demo.controller;
import com.ministry.demo.model.District;
import com.ministry.demo.repository.DistrictRepository;
import com.ministry.demo.service.DistrictService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import java.util.List;
@RestController
@RequestMapping(path = "district")
public class DistrictController {
@Autowired
DistrictService service;
@GetMapping(path = "getAll")
List<District> getAllDistrict(){
return service.getAllDistricts();
}
}
我找到了答案
package com.ministry.demo.controller;
import java.util.List;
@RestController
@CrossOrigin
@RequestMapping(path = "district")
public class DistrictController {
@Autowired
DistrictService service;
@GetMapping(path = "getAll")
List<District> getAllDistrict(){
return service.getAllDistricts();
}
}
如果你的后端和你的应用程序不在同一个地址上运行,你的浏览器通常不允许你调用你的后端。这是一种安全功能。
为了允许浏览器调用api,在后端响应中添加access-control-****头(从Spring应答时)。
见https://developer.mozilla.org/en-us/docs/web/http/headers/access-control-allow-origin
允许所有来源的最基本标题:
Access-Control-Allow-Origin: *
下面是在spring中添加这些头的教程:https://spring.io/guides/gs/rest-service-cors/
MyConfiguration.java
@Configuration
public class MyConfiguration implements WebMvcConfigurer {
@Override
public void addCorsMappings(CorsRegistry registry) {
registry.addMapping("/**")
.allowedMethods("*");
}
}
