大家好, 当外部客户端尝试使用我的以下 api“http://host_details/processdocument”(类型为 multipartformdata)时,我收到如下错误日志详细信息所示的错误,但除此之外,所有其他类型为 application/Json 的 API工作正常。 所以请指导我找出我在 CORS 配置中犯的错误。 代码及错误详情如下:
浏览器上看到的错误日志: 访问位于“http://host_details/processdocument”的 XMLHttpRequest '来自原点'http://caller_host:4212 ' 已经 被 CORS 策略阻止:请求的资源上不存在“Access-Control-Allow-Origin” header 。
我正在使用基于 Spring Boot 的应用程序和以下 CORS 配置:
1] CORS 配置详细信息:
@Component
public class SimpleCORSFilter implements Filter {
private final Logger log = LoggerFactory.getLogger(SimpleCORSFilter.class);
public SimpleCORSFilter() {
log.info("SimpleCORSFilter init");
}
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res;
log.info(request.getHeader("Origin"));
response.setHeader("Access-Control-Allow-Origin", request.getHeader("Origin"));
response.setHeader("Access-Control-Allow-Credentials", "true");
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "36000");
response.setHeader("Access-Control-Allow-Headers", "Content-Type, Accept, X-Requested-With, remember-me");
chain.doFilter(req, res);
}
@Override
public void init(FilterConfig filterConfig) {
}
@Override
public void destroy() {
}
}
2] Rest API Controller 类:
@RequestMapping(value=URLConstants.PROCESS_FILE_FOR_OCR,method=RequestMethod.POST,headers = {"content-type=multipart/mixed","content-type=multipart/form-data"})
private ResponseEntity<Map<String, Object>> processVisa(
@RequestPart(value = "file",required=true) MultipartFile file,
@RequestPart(value = "applicationId",required=true) String applicationId,
@RequestPart(value = "fileCategory",required=true) String fileCategory)
{
//// implemntation here
}
3]API控制台中发现请求 header :
Now Multipart
Request URL:
http://host_detailas/processdocument
Request Method:
POST
Status Code:
500
Remote Address:
Remote_address_Url:82
Referrer Policy:
no-referrer-when-downgrade
Request Headers
Provisional headers are shown
Accept:
application/json, text/plain, */*
Content-Type:
multipart/form-data
Origin:
http://localhost:4222
Referer:
http://localhost:4222/
User-Agent:
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/URL Safari/537.36
Request Payload
------WebKitFormBoundaryCljOAWzb4HGBWil4 Content-Disposition: form-data; name="file"; filename="aadharcard.jpg" Content-Type: image/jpeg ------WebKitFormBoundaryCljOAWzb4HGBWil4 Content-Disposition: form-data; name="EmiratesId" Passport ------WebKitFormBoundaryCljOAWzb4HGBWil4 Content-Disposition: form-data; name="applicationId" 123 ------WebKitFormBoundaryCljOAWzb4HGBWil4--
Name
processdocument
最佳答案
那就是cors选项方法问题。您需要授予访问选项方法在安全性上尝试此操作
public class CustomSecurity extends WebSecurityConfigurerAdapter{
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf()
.disable()
.authorizeRequests().antMatchers(HttpMethod.OPTIONS).permitAll() ....
}
}
关于java - CORS政策: No 'Access-Control-Allow-Origin' header is present on the requested resource Spring Boot Rest API,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/53442381/