本文共 3259 字，大约阅读时间需要 10 分钟。

SpringCloudApiGateway之支持Cors跨域请求

公司的项目需要前后端分离，vue+java，这时候就需要支持Cors跨域请求了。最近对zuul进行升级，假如说zuul是1.0的话，api gateway就是2.0的网关，支持ws等，基于NIO，各方面还是强大的。

新建一个Configuration类即可。

import org.springframework.cloud.client.discovery.DiscoveryClient;import org.springframework.cloud.gateway.discovery.DiscoveryClientRouteDefinitionLocator;import org.springframework.cloud.gateway.route.RouteDefinitionLocator;import org.springframework.context.annotation.Bean;import org.springframework.context.annotation.Configuration;import org.springframework.http.HttpHeaders;import org.springframework.http.HttpMethod;import org.springframework.http.HttpStatus;import org.springframework.http.server.reactive.ServerHttpRequest;import org.springframework.http.server.reactive.ServerHttpResponse;import org.springframework.web.cors.reactive.CorsUtils;import org.springframework.web.server.ServerWebExchange;import org.springframework.web.server.WebFilter;import org.springframework.web.server.WebFilterChain;import reactor.core.publisher.Mono;/** * SpringApiGateway Cors */@Configurationpublic class RouteConfiguration {    //这里为支持的请求头，如果有自定义的header字段请自己添加（不知道为什么不能使用*）    private static final String ALLOWED_HEADERS = "x-requested-with, authorization, Content-Type, Authorization, credential, X-XSRF-TOKEN,token,username,client";    private static final String ALLOWED_METHODS = "*";    private static final String ALLOWED_ORIGIN = "*";    private static final String ALLOWED_Expose = "x-requested-with, authorization, Content-Type, Authorization, credential, X-XSRF-TOKEN,token,username,client";    private static final String MAX_AGE = "18000L";    @Bean    public WebFilter corsFilter() {        return (ServerWebExchange ctx, WebFilterChain chain) -> {            ServerHttpRequest request = ctx.getRequest();            if (CorsUtils.isCorsRequest(request)) {                ServerHttpResponse response = ctx.getResponse();                HttpHeaders headers = response.getHeaders();                headers.add("Access-Control-Allow-Origin", ALLOWED_ORIGIN);                headers.add("Access-Control-Allow-Methods", ALLOWED_METHODS);                headers.add("Access-Control-Max-Age", MAX_AGE);                headers.add("Access-Control-Allow-Headers", ALLOWED_HEADERS);                headers.add("Access-Control-Expose-Headers", ALLOWED_Expose);                headers.add("Access-Control-Allow-Credentials", "true");                if (request.getMethod() == HttpMethod.OPTIONS) {                    response.setStatusCode(HttpStatus.OK);                    return Mono.empty();                }            }            return chain.filter(ctx);        };    }    /**    *    *如果使用了注册中心（如：Eureka），进行控制则需要增加如下配置    */    @Bean    public RouteDefinitionLocator discoveryClientRouteDefinitionLocator(DiscoveryClient discoveryClient) {        return new DiscoveryClientRouteDefinitionLocator(discoveryClient);    }}

application.yml配置

官方文档提及到还有另外一种方式，就是通过yml来配置。

spring:  cloud:    gateway:      globalcors:        corsConfigurations:          '[/**]':            allowedOrigins: "https://blog.csdn.net/moshowgame"            allowedMethods:            - GET

转载地址：https://blog.csdn.net/yucaifu1989/article/details/105733483 如侵犯您的版权，请留言回复原文章的地址，我们会给您删除此文章，给您带来不便请您谅解！