How to solve the problem of Ajax cross-domain and cookie failure in SpringBoot-javaTutorial-php.cn

When writing the login registration page of my own project, because my registration and password change functions use email verification, the backend will add a cookie to the response data when sending the verification code

Cookie cookie = new Cookie(toEmail.split("@")[0],verCode); cookie.setMaxAge(30*60); response.addCookie(cookie);

Copy after login

and then When you click to register or change your password, the backend will obtain the cookie from the request to obtain the email and verification code information

Cookie[] cookies = request.getCookies();

Copy after login

When testing locally, the cookie can be correctly added to the response and can also be obtained correctly

How to solve the problem of Ajax cross-domain and cookie failure in SpringBoot

But when I packaged the project to the cloud and then performed ajax access, a problem occurred. Cookie acquisition failed!

There is clearly set-Cookie in the response header, but Cookie cannot be found in the second request header

The server fails to obtain the cookie and reports an error. The function of using cookies to register and change passwords is invalid. After searching for the document, I found that the error originated from the cross-domain cookie loss problem of springboot and ajax. Since I am new to the backend,

I only post my solution here

1. The ajax request needs to carryxmlhttp.withCredentials = true; #3. Set the response header for the response in the api in the Controller,key

is "Access-Control-Allow-Origin" access control allowed source, http request header information, set allowed resource sharing (cross-domain ) The source

var xmlhttp = new XMLHttpRequest(); xmlhttp.withCredentials = true; xmlhttp.open("GET", readyUrl, true); xmlhttp.send();

Copy after login

valueis request.getHeader("Origin"), which representsthe protocol and domain name

combination of the pagewhere the currently requested resource is located Together they meanAllow the current requested resource to access back-end resources across domains

After setting these three parts, I can get the cookie again

2022 -12-09 Update:

Found a more concise and convenient method to add a cross-domain request filter

Used the StringUtils.isEmpty method of the Druid data pool dependency package , if an error is reported, just write a replacement yourself

package com.crisp.myblog.config; import org.springframework.context.annotation.Configuration; import org.springframework.web.servlet.config.annotation.CorsRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; @Configuration public class corsConfig implements WebMvcConfigurer { @Override public void addCorsMappings(CorsRegistry registry) { registry.addMapping("/**") //是否发送Cookie .allowCredentials(true) //放行哪些原始域 .allowedOriginPatterns("这里填你前端代码所在的域名:端口") .allowedMethods(new String[]{"GET", "POST", "PUT", "DELETE"}) .allowedHeaders("*") .exposedHeaders("*"); } }

Copy after login

The above is the detailed content of How to solve the problem of Ajax cross-domain and cookie failure in SpringBoot. For more information, please follow other related articles on the PHP Chinese website!