跨域请求失败（海外Zalo应用请求转发）

Blade 未结

关注举报

 1  31

88052309 剑圣 6小时前

一、该问题的重现步骤是什么？

在越南zalo应用（类似）的服务平台请求bladex微服务平台，zalo有自己的请求转发机制，所以当我们在zalo平台发起请求的时候，最终请求到
bladex平台的请求地址都会是zalo平台的域名。
NG配置
在核心源码包对应的auth2 请求那边我们也加了对应的跨域注解
结果还是不行
在注册中心加了网关路由配置也没有作用,是否可以给予技术支持！！！感谢

二、你期待的结果是什么？实际看到的又是什么？

三、你正在使用的是什么产品，什么版本？在什么操作系统上？

bladex 企业版 centos

四、请提供详细的错误堆栈信息，这很重要。

五、若有更多详细信息，请在下面提供。

1条回答

admin - BladeX作者

3小时前

springcloud gateway用如下几种配置试试看，配置好之后先别用你说的这个海外应用调用，你先自己部署一个不同域名的网站，直接请求外置的gateway接口，看看是否会出现跨域的问题。跨域问题确认解决后再走海外应用转发的调用，到时候如果还报错就不是跨域问题，需要找其他原因了。

一、WebFluxConfigurer配置全局CORS

 @Configuration
public class CorsConfiguration {
 
    @Bean
    public WebFluxConfigurer corsConfigurer() {
        return new WebFluxConfigurer() {
            @Override
            public void addCorsMappings(CorsRegistry registry) {
                registry.addMapping("/**")
                        .allowedOrigins("*")
                        .allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS", "HEAD")
                        .allowedHeaders("X-Requested-With", "Tenant-Id", "Blade-Auth", "Content-Type", 
                                "Authorization", "credential", "X-XSRF-TOKEN", "token", "username", 
                                "client", "knfie4j-gateway-request", "knife4j-gateway-code", "request-origion")
                        .exposedHeaders("*")
                        .maxAge(18000);
            }
        };
    }
}

二、使用Spring Cloud Gateway的全局CORS配置文件

 spring:
  cloud:
    gateway:
      globalcors:
        cors-configurations:
          '[/**]':
            allowedOrigins: "*"
            allowedMethods: "GET,POST,PUT,DELETE,OPTIONS,HEAD"
            allowedHeaders: "X-Requested-With,Tenant-Id,Blade-Auth,Content-Type,Authorization,credential,X-XSRF-TOKEN,token,username,client,knfie4j-gateway-request,knife4j-gateway-code,request-origion"
            allowCredentials: true
            maxAge: 18000

三、使用CorsWebFilter Bean

 @Configuration
public class CorsConfig {
 
    @Bean
    public CorsWebFilter corsWebFilter() {
        CorsConfiguration corsConfig = new org.springframework.web.cors.CorsConfiguration();
        corsConfig.setAllowedOrigins(Collections.singletonList("*"));
        corsConfig.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "DELETE", "OPTIONS", "HEAD"));
        corsConfig.setAllowedHeaders(Arrays.asList(
                "X-Requested-With", "Tenant-Id", "Blade-Auth", "Content-Type", 
                "Authorization", "credential", "X-XSRF-TOKEN", "token", "username", 
                "client", "knfie4j-gateway-request", "knife4j-gateway-code", "request-origion"));
        corsConfig.setExposedHeaders(Collections.singletonList("*"));
        corsConfig.setMaxAge(18000L);
        corsConfig.setAllowCredentials(true);
 
        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        source.registerCorsConfiguration("/**", corsConfig);
        return new CorsWebFilter(source);
    }
}

	@Configuration
	public class CorsConfiguration {

	@Bean
	public WebFluxConfigurer corsConfigurer() {
	return new WebFluxConfigurer() {
	@Override
	public void addCorsMappings(CorsRegistry registry) {
	registry.addMapping("/**")
	.allowedOrigins("*")
	.allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS", "HEAD")
	.allowedHeaders("X-Requested-With", "Tenant-Id", "Blade-Auth", "Content-Type",
	"Authorization", "credential", "X-XSRF-TOKEN", "token", "username",
	"client", "knfie4j-gateway-request", "knife4j-gateway-code", "request-origion")
	.exposedHeaders("*")
	.maxAge(18000);
	}
	};
	}
	}

	`spring:`
	cloud:
	gateway:
	globalcors:
	cors-configurations:
	'[/**]':
	allowedOrigins: "*"
	allowedMethods: "GET,POST,PUT,DELETE,OPTIONS,HEAD"
	allowedHeaders: "X-Requested-With,Tenant-Id,Blade-Auth,Content-Type,Authorization,credential,X-XSRF-TOKEN,token,username,client,knfie4j-gateway-request,knife4j-gateway-code,request-origion"
	allowCredentials: true
	maxAge: 18000

	`@Configuration`
	public class CorsConfig {

	@Bean
	public CorsWebFilter corsWebFilter() {
	CorsConfiguration corsConfig = new org.springframework.web.cors.CorsConfiguration();
	corsConfig.setAllowedOrigins(Collections.singletonList("*"));
	corsConfig.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "DELETE", "OPTIONS", "HEAD"));
	corsConfig.setAllowedHeaders(Arrays.asList(
	"X-Requested-With", "Tenant-Id", "Blade-Auth", "Content-Type",
	"Authorization", "credential", "X-XSRF-TOKEN", "token", "username",
	"client", "knfie4j-gateway-request", "knife4j-gateway-code", "request-origion"));
	corsConfig.setExposedHeaders(Collections.singletonList("*"));
	corsConfig.setMaxAge(18000L);
	corsConfig.setAllowCredentials(true);

	UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
	source.registerCorsConfiguration("/**", corsConfig);
	return new CorsWebFilter(source);
	}
	}